That could be an indication that the HOSTS file
has been compromised (modified) or that you have used a custom HOSTS file of have a security program installed which manages that file.
The HOSTS file is a text file that maps an IP address to a name. It has no extension and can be viewed using notepad. At the top is an explanation of the simple syntax. Each line is an IP address, a domain name, and an optional comment placed after a #
sign. In Windows XP, 127.0.0.1 localhost
is the universal IP address of all local computers and is the standard hostname given to the address of the loopback network interface which refers to the local computer only.
In Windows Vista and XP, the HOSTS file is located in this default location: C:\Windows\system32\drivers\etc\hosts.
Anything that appears in your HOSTS file without an # at the beginning, except from the "127.0.0.1 localhost
" line, should be viewed with suspicion. Although malware can be responsible for altering the HOSTS file in an attempt to redirect your browser, it does not do so without infecting other areas of your system.
There are several legitimate security programs like SpySweeper
and Spybot S&D
which can add numerous entries to the HOSTS file and be detected by other scanning tools. See Spybot S&D: HOSTS file viewer
. If you downloaded and used a custom HOSTS file or made edits that too could trigger a warning. If you did not make any changes, use a custom HOSTS file or have a security programs with these features, then you need to investigate further
To view the folder containing your Hosts file, go to
, and in the Open box, type:%windir%\system32\drivers\etc\
The easiest way to access and view the contents is by using Notepad.
- Double-click on the HOSTS file.
- A message will appear saying Windows can't open the file or Choose the program you want to open this file.
- Scroll down the list of programs until you see Notepad.
- Select it and click OK.
To view the Hosts file in Notepad automatically, go to
, and in the Open box, type:notepad %windir%\system32\drivers\etc\hosts
Click Ok.Note: Since the Hosts file is often used and altered by malware, some security programs (like Spybot S&D) will lock the file's read-only attributes as protection so it cannot be changed without your knowledge unless you disable that feature. As such, you may receive an access is denied message. If using Vista, be aware that the User Account Control UAC blocks access to the HOSTS file since itís a system file.