≡× MENU

• Windows 10
• Internet, WiFi
• Useful
• Windows 7
• Mistakes

hosts file. How to restore the hosts file in Windows The hosts file is empty in windows 7

Some terminology

DNS(English abbreviation for Domain Name System) – Domain Name Service. Sets a correspondence between numeric IP- addresses and text names.

DNS(English abbreviation for Domain Name Server) – domain name server; a service computer on the local or global network that translates computer names in domain records into .

DNS cache(resolver cache DNS) is a temporary storage of the previous DNS-requests on local . Reduces query execution time, reduces network and Internet traffic.

host(English) - the main computer; host, any device connected to the network and using protocols TCP/IP.

IP(English) Internet Protocol) – Internet protocol; a network layer protocol from the Internet protocol suite.

IP address(English) IP address) is used to identify a node in a network and to determine routing information. Consists of a network ID ( network ID) and host ID ( host ID).

name resolution(English) – domain name resolution; the process of converting a computer name to an appropriate.

Name Resolution Service– name resolution service; in networks TCP/IP converts computer names to and vice versa.

TCP/IP(English abbreviation for Transmission Control Protocol/Internet Protocol) is a transmission control protocol, the main protocol of the transport and session layers, providing reliable full-duplex streams. Designed for use in the global network and for combining heterogeneous networks.

URL(English abbreviation for Uniform Resource Locator) – uniform index of information resource; a standardized character string that specifies the location of a resource on the Internet.

What's happened hosts-file

hosts-file in Windows and others operating systems used to link (match) hostnames (hosts, servers, domains) with their (name resolution).

IN hosts-by default, only one is registered in the file(127.0.0.1) reserved for localhost, that is, for the local.

File hosts is a plain text file (no extension).

Disk address of the file hosts:

Windows 95\98\ME – \WINDOWS\;

Windows NT\2000\ \ \ – \Windows\System32\drivers\etc\.

When an Internet user types an address ( URL) of any site (web page) and clicks Enter:

– the user's browser checks in hosts-file, whether the entered name is a proper computer name ( localhost);

- if not, then the browser looks for the requested address (hostname) in the file hosts;

- if a hostname is found, the browser accesses the corresponding hostspecified in hosts-file;

- if the hostname is not found in the file hosts , then the browser accesses ( DNS-cache);

- if the host name is found in the cache, the browser accesses the corresponding hostcached DNS;

– if the hostname is not found in the resolver cache DNS, the browser accesses DNS-server;

– if the requested web page (site) exists, DNS-server translates user-specified URL-address in ;

– The web browser downloads the requested resource.

History of occurrence hosts-file

# Copyright (c) 1993-1999 Microsoft Corp.

#

#

#space.

#

#

# For example:

#

127.0.0.1 localhost

# Copyright (c) 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

#space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a "#" symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

::1 localhost

# Copyright (c) 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

#space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a "#" symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.

# 127.0.0.1localhost

# ::1 localhost

Usage hosts-file

hosts-file can be used to speed up work on the global network and reduce traffic - due to a decrease in requests to DNS-server for frequently visited resources.

For example, do you often download resources google.ru And google.com. Open file hosts and after the line127.0.0.1 localhost enter strings

209.85.229.104 google.ru

74.125.232.20 google.com

This will prevent the web browser from accessing the server DNS, and immediately establish a connection with sites google.ru And google.com.

Sometimes hosts-file is used to block unwanted resources (for example, senders and malicious software). To do this, after the line 127.0.0.1 localhost enter a string

127.0.0.1 Blocked_resource URL

The essence of this manipulation is that the blocking resource is compared with127.0.0.1 which is the address local computer, - so the unwanted resource will not be loaded.

Editing rules hosts-file

1. Each element must be on a separate line.

2. must start at the first position of the line, followed (on the same line) by its corresponding hostname.

3. and host name must be separated by at least one space.

4. Comments must be preceded by a symbol # .

5. If comments are used in domain name match strings, they must follow the hostname and be separated from it by the character # .

Usage hosts-file by virus writers

Attackers have long been chosen hosts-file - with its help, the real addresses of web resources are substituted on the infected person. After that, the web browser redirects the user to sites with malware, or, for example, blocks access to sites of antivirus manufacturers.

Malware disguises modification hosts-file as follows:

- in order to make it difficult to detect lines added by a virus, they are written to the end of the file - after a large empty area formed as a result of repeated line feeds;

- after that the original hosts attribute is assigned to the file Hidden(by default, hidden files and folders are not visible);

- false is created hosts- a file that, unlike a real file hosts(without extension) has extension .txt(by default, extensions are not displayed for registered file types):

hosts-file: how to eliminate the consequences of a virus attack

Open hosts-file (if the virus installed the fileattribute Hidden, will be required in Folder Options enable option Show hidden files and folders) ;

- a window will appear Windows with a message "The following file could not be opened...";

- set the switch Selecting a program from the list manually –> OK;

- in the window Program selection in a scrollable list Programs highlight Notepad –> OK;

- file hosts will open in notepad;

- remove all lines except 127.0.0.1 localhost;

- save hosts-file.

Valery Sidorov

Hello, dear readers of the blog site. Today I want to talk about such a rather simple thing in my device as hosts file.

Remarkably, it lives on almost all operating systems (and therefore all computers of Internet users), from Linux to Windows 7. Another distinguishing feature is that it does not have an extension, but this is due precisely to the fact that it should work in any OS, and therefore must be universal.

But this is not the main thing. Although he is a relic of the past, there are still plenty of ways to use Hosts for both good and bad purposes. For example, viruses and virus writers love it very much and often use it either to replace official sites with their phishing duplicates, or to block the ability to update your anti-virus program.

However, network equipment needs IP-ishniks and nothing else. Therefore, a list of correspondence between the host name and its Ip address () was manually formed. Such a list was called Hosts and sent to all hosts. local network. Everything was great until the moment when it became impossible to use such a method due to the huge number of entries contained in this file. Distributing it became problematic.

In this regard, we decided to approach this issue differently, namely, to place on the Internet a whole (domain name system) that would store all these correspondence tables and users' computers would turn to the nearest of them with the question of which Ip-ishnik corresponds to the Vasya.ru domain.

At the same time, everyone safely forgot about the Hosts file, but it still had a place to be in all operating systems, except that only its content was extremely scarce. Usually there was and still is only one entry:

127.0.0.1 localhost

For some reason, this IP address (or rather the range 127.0.0.1 - 127.255.255.255) was chosen to represent the local host (private IP), i.e. the very computer you are sitting at (literally localhost - “this computer”). But, really, that's all for the old IPv4 (fourth version).

And in IPv6, which is now in use (due to the fact that the number of addresses included in the previous version is no longer enough for everyone), such an entry will look a little different:

::1 localhost

But the essence is the same. Because now both standards for specifying an IP address are still used or can be used, then in the Hosts file usually both of these lines are present. True, any gibberish can be written above them (depending on the OS used), but all those lines contain the hash symbol # (hash) at the beginning, which means that these lines are comments and should not be taken into account.

On my old lady Windows Vista The hosts file now looks like this:

# Copyright (c) 1993-1999 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a "#" symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # This HOSTS file created by Dr.Web Anti-rootkit API 127.0.0.1 localhost::1 localhost

Record syntax very simple - first the IP address is indicated, and then, after any number of spaces (tab characters), the name of the host (computer, node or domain) is written. A separate line is used for each entry of this kind.

Here the main question arises, and what place does Hosts take now in the process of establishing correspondence between the domain names entered in the browser and those IP addresses that are hidden behind these domains? Well, as it turned out, it occupies a very important place, namely the first one. But first things first.

So, you enter the URL address () into the address bar of the browser, or follow the link from the browser bookmarks, or from any web page open in it. In any case, the browser receives from you the path to the document you want to see.

Either way, the URL will contain the domain name of the site on which the document you are interested in lies (the site in our example). However, this domain corresponds to a very specific server (maybe virtual), where this very site is hosted. And this server must must be an IP address so that it is visible on the network and can be accessed.

Your browser cannot know which IP corresponds to the domain name contained in the URL (well, unless you have enabled caching of DNS records in this very browser and this site was previously visited by you). Therefore he addressed first for clarification, specifically to the Hosts file on your computer.

If this domain is not found there (and the corresponding IP), then the browser will start torturing DNS record caching service from Windows. If earlier you accessed this domain and not much time has passed since then, then the DNS cache will give the browser this same IP address. The browser will receive it and open the document you requested.

If there are no records for this domain among the cache, then the browser will send a request to the nearest DNS server (most likely, it will be your server) and receive the required information from it. True, in this case there may be a slight delay in opening the web page you requested, but with modern Internet speeds this will be practically not noticeable.

And this happens with absolutely any request to open a document from the Internet from your computer. Do you get it? Empty Hosts does not create any problems, but if you fill it out, and even with malicious intent, it may turn out that you enter the password from your Yandex wallet not on the official website of this payment system, but on a phishing resource with a similar design (see ).

How can this be? Well, no one is safe from being infected with viruses (), and a virus can easily add the IP address of a phishing resource to the Hosts and associate the domain name money.yandex.ru with it, for example. Therein lies the danger.

On a fake site social network they might intercept your passwords, they might charge you an entry fee, or they might do something more creative. The saddest thing is that it is impossible to notice the substitution, because the correct domain name will show off in the address bar of the browser.

Where is the Hosts file located and how can I remove virus entries from it?

On the other side remove the changes made by the virus from the Host file even an absolute noob in computers can. Usually the problem lies precisely in finding where this very file is located.

In old Windows versions, such as XP or 2000, it was open to everyone and lived in system folders at the following address:

Windows\System32\drivers\etc\

You won’t believe it, but he lives at the same address in both Windows 7 and Vista, but everything is somewhat more complicated there, because following the path:

C:\Windows\System32\drivers\

You won't find the etc folders there. The developers felt that this file should not be touched by ordinary mortals in order to avoid problems.

However, the hosts file in windows 7 and vista nevertheless, there is a place to be, you just need to look for it, having received Administrator rights. Personally, I never even tried to figure out all this nonsense with rights, but for myself I found a very simple way to get around this limitation.

So, go to the menu button "Start" - "All Programs" and find the folder "Accessories" there. Labels live inside it, among which it is easy to see the Notepad. Click on it with the right mouse button and from the appeared context menu choose "Run as Administrator":

Well, actually, half the work is done. Now in notepad, select "File" - "Open" from the top menu. In the standard Windows Explorer window, find the etc folder you are looking for (inside the Windows\System32\drivers\ directory), select "All files" in the lower right corner from the drop-down list and watch with happy eyes the appearance of this top-secret file:

It will be exactly without an extension, and the rest of the crap, like hosts.txt, very often create viruses to divert your attention and confuse you in the end. For a real file, they set the "Hidden" attribute, which can be set or unchecked by simply right-clicking on the file and selecting the lowest item "Properties":

And since in Windows, by default, extensions are not displayed for registered file types (that’s why they did it - I don’t understand), then the user finds hosts.txt without seeing either its extension or the fact that there is another hosts in the same folder, but it is hidden from his eyes.

By making changes to the fake, he does not achieve anything, he starts tearing his hair, wringing his hands and goes to the store for a new laptop in order to finally get into his beloved Contact, which the virus blocked on the old computer. Ahh, horror.

Although, of course, the user may be advanced and enable the display of hidden and system files in the settings. In Windows Vista, for this you need to go to the "Control Panel" - "Folder Options" - the "View" tab and move the checkmark to the line "Show hidden folders and files. By the way, it would be better to uncheck the “Hide extensions…” line above:

Eat very easy way to open this file. It will be enough to press the key combination Win + R on the keyboard (or select the “Run” item from the “Start” button menu), then enter the following line in the window that opens and press Enter:

Notepad %windir%\system32\drivers\etc\hosts

But it doesn't matter. We still found where this secret (for Windows 7 and vista) file is located, and we must carefully examine it for possible abuse. If the initial examination of the patient did not reveal any pathologies, then look to the page scroll area in Notepad.

Sometimes the virus makes its entries after a few hundred blank lines, thereby reducing the risk of them being detected by you. If there is no scrollbar, then everything is fine, and if there is, then use it and bring your Hosts to the form that it should have from birth, i.e. it will be enough to have only two lines in it (no one needs comments):

127.0.0.1 localhost::1 localhost

Well if address substitution in this file it is quite simple to represent, for example, it might look like this:

127.0.0.1 localhost::1 localhost 77.88.21.3 site

How, in this case, is the blocking certain sites through Hosts? Well, it's just that the domain to be blocked is assigned a private IP address of 127.0.0.1, like so:

127.0.0.1 localhost::1 localhost 127.0.0.1 vk.com 127.0.0.1 odnoklassniki.ru

Clever browser finds this match and tries to get the desired document (web page) from your own computer, which, of course, it fails and about which it will immediately inform you. By the way, this good way block your children from accessing sites that you think they should not visit. Of course, you will still need to create a list of such sites or take it somewhere, but you can try it if you wish.

As I already mentioned, in ancient times, when the Internet for most users was still slow, to speed up the opening of sites, their IPs were registered in Hosts. Another thing is that these same resources periodically changed hosting and, along with it, IP addresses. And the user, forgetting about what he did six months ago to speed up the Internet, is trying in vain to understand why his favorite resources are not available to him.

How to use Hosts when transferring a site to a new hosting?

Well, and finally, I would like to talk about how, by making changes to the Hosts file, you can work with a site that has moved to a new hosting even before a new record is registered on all DNS servers (putting a new Ip address in line with your domain). The method is very simple, but effective.

So, you are changing the host. Naturally, the IP address of your site also changes. How do they find out about it on the Internet? Everything is correct, using a network of DNS servers. By the way, you yourself will make the first and most important step by going to the control panel of your registrar and registering the addresses of the NS servers of your new host there.

It is from them that the new DNS will spread throughout the Internet. But this process is lengthy and, in the worst case scenario, it can take a couple of days. At this time, the site should be available both on the new and on the old hosting, so that users from all over the world would not be deprived of the opportunity to see it.

However, you yourself will be interested to know how, in fact, your resource feels with the new host? Check the operation of all plugins and other things. Is it really necessary to wait from several hours to two days? Because it's unbearable.

Firstly, you can try to reset the DNS cache on your own computer, because it may prevent you from seeing your resource on a new hosting if external DNS servers have already received a new entry. How to do it? Again, everything is very simple. Press the key combination Win + R on the keyboard (or select the “Run” item from the “Start” button menu), and then enter in the window that opens:

A very scary window called command prompt will open, where you will need to paste this command:

ipconfig /flushdns

The regular paste buttons in the Command Prompt window don't work, so just right-click on it and choose Paste.

After that, press "Enter", the DNS cache will be cleared on your computer and you can try to open your site again. By the way, the DNS cache can also be in the browser itself, so clear it or refresh the window while holding down the "Shift" button on the keyboard.

By the way, if you are interested, you can see the contents of the DNS cache by typing in command line the following command:

ipconfig /displaydns

Is the site still open on the old hosting? No problem. We find the Hosts file in the way described just above and add only one line to it:

109.120.169.66 site

Where 109.120.169.66 - this will be IP address of your new hosting, followed by your site's domain name. All. While the rest of the world is admiring your resource on the old hosting, you have the opportunity to fix possible jambs on the engine already transferred to the new hosting. The thing is wonderful and I always use it.

Good luck to you! See you soon on the blog pages site

You may be interested

What is DNS and how DNS servers provide the Internet VPS from NeoServer - become the owner of your virtual universe
How to backup and restore from a backup, as well as the nuances of transferring a site (Joomla, WordPress) to a new hosting
Buying a domain (domain name) on the example of the registrar Reghouse
Denwer local server - how to create a website on a computer - installing, configuring and uninstalling Denwer
cPanel - creating and working with databases, adding subdomains and multidomains, as well as their parking
What are domains, hosting, DNS servers and IP addresses
FileZilla - where to download for free and how to learn how to use the popular Filezilla FTP client
Transferring the site to a new Infobox hosting, choosing between regular and VPS, as well as working with the hosting control panel

Few users who work with the "seven" and surf the Internet are aware of the true meaning of the HOSTS file (Windows 7). Its content will be shown a little later, but for now let's dwell on the theory.

why is it needed?

In general, if anyone paid attention, the file itself is located in directories etc, if you sequentially go through the tree from the Windows folder, through System32 to the drivers directory on the system drive. Not everyone, however, goes into such a jungle of the system, by and large, this is not necessary. On the other hand, if you pay attention, the extension object itself does not have, although, in fact, it is a regular text document.

But let's take a closer look at Windows 7. Its content is such that it is this object that is responsible in the system for the relationship between host names (sites, nodes, etc.) and determining their IP addresses to provide the end user with access to the resource. Roughly speaking, we do not need to prescribe combinations consisting of numbers in the browser, but we can only indicate the names of resources.

And one more small clarification about the HOSTS file (Windows 7). Its content may change. Depending on what changes were made, this can help block certain sites, speed up access to some resources, or, on the contrary, play a cruel joke by redirecting the user to dubious sites. However, first let's look at the original file.

(Windows 7): contents

So, for starters, let's try to open. It must be said that if you use the standard double-click method, nothing will work, because, as mentioned above, this object does not have an extension. In addition, the file may be hidden, so you must first select the display of hidden objects from the view menu. But the system will offer several applications to open. We choose the simplest - the standard "Notepad" and look at the contents of the HOSTS file (Windows 7). Before us is something incomprehensible: descriptive text, some examples and a line indicating the local IP (# 127.0.0.1 localhost). That's the way it should be.

Attention! There should be nothing at all below the line indicating the reserved local address, unless, of course, the user wants some resource to be blocked!

In general, everything above localhost refers to allowed resources. Anything below is blockable. It is not difficult to guess that many viruses, in particular programs that distribute spam or advertising (Malware, Adware, etc.), edit the contents of this file on their own. So it turns out that when requesting one resource, the user receives a redirect (redirect) to a completely different one.

HOSTS by default in Windows 7

We have reviewed the original file. Now let's take a look at the modified content. To fix it, you can take the contents of a “clean” file for the “seven” from another computer or from the Internet, copy it, then paste it into the original and save.

But there is one problem here. The fact is that sometimes after deleting everything unnecessary, it is not possible to save the file as the original (the system simply does not allow this to be done).

How to proceed in this case? First, delete the original completely (Shift + Del), bypassing the "Recycle Bin". Then we use the right click on an empty space inside the etc directory and create a new file with the same name, but do not specify the extension. Now we insert the necessary content into it and save the object. After that, you need to find the lmhosts.sam file in the same place and delete it, as mentioned earlier.

Everything, it's done. What is in the first, what is in the second case, a system reboot is required. Only then everything will work as expected. And, of course, editing should be done exclusively with admin rights.

Outcome

In general, very brief information about the HOST file has been given here. If you look at the issues of blocking some unwanted resources or, on the contrary, permissions to visit them with faster access, editing should be done exclusively manually and according to certain rules. Here you need to remember that the line indicating the reserved local IP plays the key role of the separator. Well, then, as they say, it's a matter of technology. By the way, the method described above will also help if the contents of the object have been changed due to the impact of virus programs.

Good afternoon. Once upon a time I wrote an article about being in new operating systems. At that moment, I somehow didn’t think that it would be necessary to write an article about the opposite - how to restore it to the “factory state”. The thing is that some “friendly programs” (of course, these are viruses) can change it themselves and add some site that is useful to us, say VKontakte, Yandex, Google or something else ... And after that we get a message that this site is not available at the moment. Of course, this is the most elementary thing, to check the hosts file for extra entries, but not every beginner will guess about it. It is for such people that this small instruction will be written.

Instruction

• A. Edit the current file with by deleting the content and filling it with the following:
  

  # Copyright (c) 1993-2009 Microsoft Corp.
  #
  # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
  #
  # This file contains the mappings of IP addresses to host names. each
  # entry should be kept on an individual line. The IP address should
  # be placed in the first column followed by the corresponding host name.
  # The IP address and the host name should be separated by at least one
  #space.
  #
  # Additionally, comments (such as these) may be inserted on individual
  # lines or following the machine name denoted by a '#' symbol.
  #
  # For example:
  #
  # 102.54.94.97 rhino.acme.com # source server
  # 38.25.63.10 x.acme.com # x client host

  # localhost name resolution is handled within DNS itself.
  # 127.0.0.1localhost
  # ::1 localhost

Entries made by virus programs in the hosts file can easily block access through the browser to any website, redirect your request instead of the official website to a false page to scammers, or block any applications on your computer from accessing the Internet and, accordingly, "mute" all their online functions. So, at one moment the antivirus may stop updating, the game will not be able to connect to the server, the site with your favorite Odnoklassniki will not open, and instead of your Vkontakte page, you will suddenly find yourself on the "left" portal, where they will extort money from you via SMS for restoring access to your account.

To avoid such unpleasant situations, always be careful what you download and install on your computer, and, of course, do not forget to watch the hosts file and periodically clean up various "garbage" in it.

To get access to the hosts file, you first need to find it in the system folders. In different Windows operating systems, its location may vary slightly. And sometimes it can even be hidden, depending on the settings of the operating system.

• On Windows 95/98/ME it is located: C:\WINDOWS\hosts
• On Windows NT/2000, it is located: C:\WINNT\system32\drivers\etc\hosts
• On Windows XP/2003/Vista/7/8 it is located: C:\WINDOWS\system32\drivers\etc\hosts

After you get access to the hosts, you can start cleaning the file from virus commands. This can be done in two ways.

1. Manual editing (via Notepad)

A.) Launch Notepad ( "Start" --> "All programs" --> "Standard") on behalf of the administrator(right-click on the program icon --> Run as administrator) and add the hosts file to it ( "File" -- >"Open").

You can do it differently.

B.) We find the hosts file at one of the above addresses and simply click on it right. book. mouse, then select the option "Open" / "To open with", then choose "Notebook", press "OK" and look at the contents of the file.

At the beginning there are explanatory comments from Microsoft about what this file is and how to use it. Then some examples of how to enter various commands are given. All this, simple text and it does not carry any functions! Let's skip it and get to the end. Next, the teams themselves should go. Unlike comments (i.e. plain text), they should not begin with the "#" sign, but with specific numbers indicating the ip address.

Malicious commands can be any commands that appear in your hosts file after the following lines:

• On Windows XP: 127.0.0.1 localhost
• On Windows Vista: ::1 localhost
• On Windows 7/8: # ::1 localhost

As you can see, the host files in different operating systems are slightly different. You can read more about what hosts files should look like here.

In order not to clean up anything superfluous, you need to know how commands are decrypted. There is nothing complicated here. At the start of each command is digital ip address, then (separated by a space) the literal domain name associated with it, and after it there may be a small comment after the "#" sign.

Remember! All commands beginning with the numbers 127.0.0.1 (except for 127.0.0.1 localhos t) block access to various websites and Internet services. To which ones, see in the next column after these numbers. Teams that start with any other numbers ip-addresses redirect (redirect) to fraudulent sites instead of official ones. Which sites have been replaced by fraudulent ones, also look in each column after these numbers. Thus, it will not be difficult to guess which commands in your hosts file are malicious! If something is still not clear - look at the screenshot below.

Take note of this moment. Many virus commands can be hidden far at the very bottom of the file by cunning Internet intruders, so be sure to scroll the slider all the way down!

After you do the "cleanup", don't forget to save all changes ( "File" --> "Save"). If you opened the hosts file from Notepad itself ( option A.), when saving changes, in the column "File type" be sure to select an option "All files", otherwise notepad will only do it instead of saving in the hosts file text copy of hosts.txt, which is not system file and does not perform any functions!

After a successful save, do not forget to restart your computer.

2. Automated editing (through special utilities)

AVZ- an anti-virus application that can work with the hosts file, even if it is hidden and replaced by attackers with a fake file with the correct values, which has a similar name, for example, "hosts" - in which instead of English letter"o" is a Russian letter.

Download the AVZ utility and run the application from them. administrator(right click on the launcher file and select the appropriate option).

From the program menu select "File" --> "System Restore" and in the opened window tick function "13. Cleaning up the Hosts file", then click the button "Perform marked operations".

Here, that's all! Now it remains only to restart the computer.

HijackThis- Another one good analogue the previous application, allowing you to edit hosts even manually!

Download the HijackThis utility and do the same run as administrator. Next, click sequentially on the options: "config" --> "MiscTools" --> "Open host file manager".

Before us, all the contents of our hosts file will open in the inner window. We select everything in it virus command lines left key. mouse and click on the button "Delete line(s)" to permanently remove them from our file. Next, press back to exit.

As you can see, everything is extremely simple. And don't forget to restart your computer!