The article covers such questions: where is the hosts file in Windows 7, Windows 8, Windows 10; the contents of the hosts file, how to edit it; how to save the hosts file if access is denied.
Hosts file - what is it, what is it for
What is this
hosts - a file containing a database of IP addresses and domain names corresponding to them. For example, for the popular site VKontakte, the correspondence will be as follows:87.240.131.118 vk.com
The hosts file on Windows is opened with an application Notebook.
What is it needed for
The literal addresses of sites were invented exclusively for people, since it is easier for a person to remember this. Computers find sites by numbers. On the example of the same VKontakte: vk.com is a letter address (or they say URL address), and 87.240.131.118 is a digital address (or IP address).Check my words. Enter in the address bar of your browser
87.240.131.118
You must be on the site https://vk.com/.
All correspondences between IP addresses and URLs are stored on DNS servers that the browser contacts and opens the desired site for us.
But before contacting the DNS server, the browser always checks the hosts file. In it, we can prohibit the opening of sites, or change the correspondence between the IP address and the URL.
This is what viruses do on the computer, replacing matches, adding other lines to this file, etc. For lines that need to be entered into such a file, see the chapter “How to enter commands
What should the hosts file look like? Contents of the hosts file
The hosts file should contain the following:For Windows XP:
| # Copyright (c) 1993-1999 Microsoft Corp. # # #space. # # # For example: # 127.0.0.1 localhost |
For Windows Vista:
# Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one #space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a "#" symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host
|
For Windows 7, 8, 8.1, 10:
| # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one #space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a "#" symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. |
Where is the hosts file in Windows 7, Windows 8, Windows 10
The hosts file is located in all versions of Windows atSee screenshots:
How to open hosts file
This file is opened with Notepad. We find this application in the start menu. We click with the right mouse button. In the menu that appears, select "Run as administrator". In the Notepad window that opens, through the menu "File" → "Open ..." open the hosts file by writing the file address in the address bar of the window that opens or moving from folder to folder until we find it.
How to edit the hosts file
1. Recovery
To restore a file you need:- Open the file with notepad as administrator.
- Copy the contents of the file from this article, paste with replacement and save.
Attention!
The file should only open with Notepad running as an administrator. Otherwise, you will not be able to save the changes. When we save the .txt extension in the file name, we delete it.Tricks of the modified hosts file
1. Some viruses to mask their changes after lines127.0.0.1 localhost
::1 localhost
leave a lot of spaces and only then add lines.
Therefore, when replacing content, select all content (hot keys CTRL+A).
2. The file is hidden
If there is no file in the specified package, then it may have been hidden and assigned the Hidden attribute.
In the menu View → Options → View, check the box "Show hidden files, folders and drives."
Now that the file has appeared, in the file properties, uncheck the Hidden box.
3. Cannot be edited
The file has been set to read-only. Uncheck the corresponding box in the file properties.
To folder C:\Windows\System32\drivers\etc put a file named hosts but with extension .txt(file hosts.txt) or without an extension, like the hosts file, but with a different name, such as host.
2. Change
To block access to a site, you need to enter the lines at the end of the content(line skip)
127.0.0.1 (multiple spaces) (Blocked domain name)
127.0.0.1 (multiple spaces) (Domain name to block with www.)
On the example of the same VKontakte and Odnoklassniki:
We save. We check our work by entering the URL of these sites in the address bar of the browser. Sites do not open. Bingo!
In this way, you can block computer game sites, casino sites, pornographic sites, etc.
To redirect, we do everything as before, but we give the desired URL a different IP address.Example. Let the site https://vk.com/ open at the entrance to VKontakte and Odnoklassniki
We write lines:
(line skip)
87.240.131.118 vk.com
87.240.131.118 www.vk.com
87.240.131.118 ok.ru
87.240.131.118 www.ok.ru
2.3. Popular sites and their IP addresses
87.240.131.118 https://vk.com/213.180.193.3 https://ya.ru
5.61.23.5 https://ok.ru/
To determine the IP addresses of any sites, the Internet is full of services. Google it.
hosts access denied - what to do
If you can't save the file and access is denied. We do it in turn, trying to save the file after each item.- Open in Notepad as administrator.
- Copy file to desktop. Change it. The hosts file left in the folder C:\Windows\System32\drivers\etc rename to hosts.old. Copy the edited hosts file on the desktop to the folder C:\Windows\System32\drivers\etc.
- Turn off antivirus. Antiviruses often make sure that no changes are made to this file. Add the file to Windows Defender exclusions. Starting with version 8, Windows makes sure that no one changes this file.
- We set the access rights to the file in its properties on the "Security" tab.
- If you still can't uninstall, go into Safe Mode and try to uninstall from under it.
What happens if you delete the hosts file
Nothing will happen. Unless there are problems with connecting to the Internet. During the connection, the IP address 127.0.0.1 will have to be entered manually. It is possible that some programs will ask for localhost instead of 127.0.0.1, which will create another problem.Good afternoon. Once upon a time I wrote an article about being in new operating systems. At that moment, I somehow didn’t think that it would be necessary to write an article about the opposite - how to restore it to the “factory state”. The thing is that some "friendly programs" (of course, these are viruses) can change it themselves and add some useful site to us, say VKontakte, Yandex, Google or something else ... And after that we get a message that this site is not available at the moment. Of course, this is the most elementary thing, to check the hosts file for extra entries, but not every beginner will guess about it. It is for such people that this small instruction will be written.
Instruction
- A. Edit the current file with by deleting the content and filling it with the following:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host# localhost name resolution is handled within DNS itself.
# 127.0.0.1localhost
# ::1 localhost
In the Windows 8 operating system, the file hosts located in the following path:
C:\Windows\System32\drivers\etc\hosts. This is a plain text file that stores the IP addresses of domain names on the local machine and is manually generated by the computer administrator if necessary. However, malware also likes to use this file, so you need administrator rights to edit the hosts file.
etc folder with hosts file
This file, although it is a text file, does not have the usual .txt extension, so the operating system will ask which program to open it. In the window that appears, find and select Notebook.
Choose Notepad
You can open the hosts file for editing in Windows 8 with another editor, for example, the widely used Notepad++.
Notepad window
If the algorithm listed above fails, you may not have sufficient access rights. Finding in a folder C:\Windows\System32\ file notepad.exe and call the right-click context menu, where we select . And then through the File-Open menu we find the hosts file in the folder C:\Windows\System32\drivers\etc\.
Make the necessary changes and save the file. As you can see, all actions are similar to those in the case of editing
1. What is hosts for?
The task of the hosts system file is to store a list of domains (web addresses like site.ru) of various sites and their IP addresses. So, in the process of working with the Internet, domains are converted into their IP addresses and vice versa. Each outgoing request to open a particular Internet site is, in fact, a request to convert a domain to an IP address. This query is performed by the Internet DNS service. From the technical side of the Internet veil, there are no literal web addresses like site.ru. They are used for the convenience of web surfing by users and reflect the essence of the subject of sites. Designed to provide data exchange between different parts of the network, the DNS service converts domains into certain sets of numbers, they are also the IP addresses of each individual site.
The hosts file takes precedence over the DNS system. Before accessing this Internet service, browsers first check their cache, then receive information about the correspondence of IP addresses to domains, which is contained in the hosts file of the Windows operating system. And only after that the call goes to DNS.
Some users make changes to the "hosts" in order to speed up the loading of selected sites. If you specify in it for individual sites the correspondence of IP addresses to their domains, you can get a slightly faster access to these sites, since they will be loaded in a browser window, bypassing the stage of sending a request and receiving data from the DNS service. But this method of optimizing Internet access is not necessary, since there is a browser cache with the highest access priority.
The need for intervention in order to change the contents of this file arises when it is edited by malware without the knowledge of the user. The hosts file is a vulnerability in Windows and is of particular interest to malware creators. By replacing the original hosts system file with its analogue, but with a ready-made list of false matches between IP addresses and their domains, Internet scammers thus implement a redirect mechanism that is beneficial to them. If we introduce a false correspondence of the IP address to the domain in the “hosts”, replacing the real IP address, for example, of some social network, with the IP address of, say, a site with paid porn content, respectively, each time we try to get into the social network, we will in fact find ourselves on a porn site. But this is not the worst example of hosts manipulation by scammers. It will be much more difficult to fill out forms on phishing sites. In order to extract confidential user data, for example, accounts in financial and online payment systems, logins and passwords to them, Internet fraudsters can replace individual web pages of these online systems with their own web pages specially created for fraudulent purposes. Substitution of file data with redirection to another site is also used as a dishonest way to promote sites, to block social network pages and extortion for unlocking money, to block access to web resources of anti-virus software products, etc.
Making changes to hosts is also practiced in order to locally block access to certain sites. For example, within parental control.
Below we will consider how the processes of making changes to hosts are carried out in order to edit it to block individual sites, as well as to correct it in case the content is replaced by malware. But first, of course, let's find the file itself, open it and look at its original content.
2. The path to the hosts file and its opening
To access hosts, you must have administrator rights. It is located in the Windows system directory along the path:
C:\Windows\System32\drivers\etc
You can also open this path with the command %systemroot%\system32\drivers\etc in the Run dialog
To open a file, call the context menu on it, select "Open with" (simply "Open" for Windows 7) and in the list of suggested programs select a standard Windows notepad or any third-party notepad, if one is present in the system (Notepad ++, AkelPad, etc.). P.).
If there is no “hosts” file in the specified path (provided that the option to display hidden folders and files in Explorer is set), this is a clear consequence of the tricks of malware that has penetrated the computer. Viruses and trojans can sometimes move it to another location on the computer.
3. Content hosts
After opening hosts, we will see its contents in the form of informational reference about the essence of this file. From the correspondence of IP addresses to their domains, in the original revision of the file content (without user intervention, without tricks of malware), there should be only one working record. This is a disabled mapping of the current computer's IP address to "localhost", the local host. The pound sign at the beginning of the line means that the prescribed match does not affect anything, but simply exists in the future to be involved or as a template.
4. Blocking access to individual sites using the hosts file
Editing "hosts" is one of the many ways to block access to individual sites. Against the background of the blocking mechanisms offered by regular Windows parental control and third-party programs, editing hosts is a simple and quick way to restrict access to sites.
To block access to a specific site, first we clear the cache of the browsers used on the computer, then in the open hosts notepad, below the existing entries, enter a redirect from objectionable sites to the local host by type:
127.0.0.1 site1.ru
127.0.0.1 site2.ru
127.0.0.1 site3.ru
Those. in each correspondence, after the local IP address 127.0.0.1, we add the domains of objectionable sites with a space. After editing the contents of the file, click the menu "File" - "Save As".
It will not work to save the newly minted file directly along the path of its placement in the system directory. First, this file must be saved in any non-system folder (for example, in the Documents folder) as a plain text TXT file called "hosts".
After saving, select this file, press the F2 rename key, delete the “.txt” extension (along with a dot) and press Enter.
We confirm the action.
We copy the newly made file, after which we go to the folder along the path of the original hosts file, which is indicated in paragraph 1 of the article. Before inserting the newly minted hosts file, you need to decide what to do with this file in its current version. As an alternative to deleting, you can use the same F2 key to rename the current file by adding a postscript to the name in the form of a serial number, date, or other nuances. It will be something like a backup copy of hosts with some current settings, to which you can always return by giving the file its original name without a postscript.
We confirm the insertion of a new file with administrator rights.
After all these actions, the sites included in the blocking list will not open in any browser of the system.
In the future, to temporarily remove the lock, so as not to delete the entire records, at the beginning of the line of each individual match, you must insert a pound sign and save the hosts file, as indicated above.
It is not recommended to create a huge list of blocked sites (more than a hundred) in hosts "e, so as not to slow down the computer with the Internet. When blocking large-scale web projects such as social networks, it is also necessary to take into account that they can be accessed not by any one domain, but by several.
5. How to fix the hosts file
If, when you try to visit the desired site, some other one opens instead or a message appears extorting money for unlocking a social network account, it's time to fix the hosts. First, of course, you need to clean your computer from viruses and other malware. Only after that it is already possible to start correcting the file. Fix hosts - this means that you need to return its contents to their original state. This can be done in several ways.
One way to fix it is to manually remove the strings of false matches between IP addresses and domains that were introduced by malware. Having opened the file in notepad, we leave only the default matches, as indicated in the screenshot, and delete all other lines.
And save the file, as indicated in the previous paragraph of the article.
False-matched entries may be hidden outside the standard view of the notepad window, so you need to view the entire document by scrolling down to the very bottom.
Another option for fixing a file is to completely replace the existing content with the original text content. The source text of the file can be copied on the Microsoft support site, where options for various versions and editions of Windows are presented in separate blocks:
In the case of Windows 10, the original version of the hosts file for Windows 8.1 is used.
We copy the original contents of the file on the site, in notepad we press the Ctrl + A keys to select the entire text of the document, then Ctrl + V to paste. We save the file, as indicated in the third paragraph of the article.
If there is no file at the path specified in the first paragraph of this article, it must be created there after the malware has been neutralized. In notepad, open a new document, paste the source text copied from the Microsoft support site, save the file and place it in the system directory where it should be.
Finally, the last way to fix a file is automatic. True, it is only available for Windows 7 and earlier versions of the system. By clicking on the link above, on the Microsoft support site in the "Easy fix" block, download the Fix it utility.
We launch it, agree to the license terms, click "Next".
We are waiting for the completion of its work and close it.
We restart the computer.
The utility will automatically fix hosts and return its contents to its original state, including restoring the file if it was not found along the installation path due to the tricks of malware.
Have a great day!
After entering the desired site in the browser, suppose Google.com , the browser sequentially (according to priority) looks for a mapping of this domain name to an IP address (because network devices work with IP addresses).
A) the specified site is checked in the hosts file, if it finds a match (suppose 1.1.1.1 Google.com is written in the hosts file), then the contents of IP - 1.1.1.1 will open accordingly, if there is no specified domain name, proceed to the next step;
b) the dns cache is checked (if you previously opened Google.com, then most likely the IP of this site was stored in the DNS cache of your computer / laptop), if the IP of the site is indicated there, then the page opens for you, if not, it proceeds to the last stage;
V) the request goes to the DNS server (it is registered manually in the network connection settings or issued via DHCP), if the specified site is not in the DNS server, it will "ask" another DNS server until it finds it (if, of course, it exists at all) and the site is successfully will open.
The hosts file is located along the path C:\Windows\System32\Drivers\etc\hosts (if C is the system drive). You can open it with regular notepad. If you have not made changes to the hosts file, then the following will be written there:
|
hosts file in Windows XP: 127.0.0.1 localhost |
hosts file in Windows Vista: 127.0.0.1 localhost |
|
hosts file in Windows 7: # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. |
hosts file in Windows 8 # Copyright (c) 1993-2009 Microsoft Corp. # localhost name resolution is handled within DNS itself. |
As you can see, regardless of the version, the host file does not differ much, but if a virus "worked" on the hosts file, various sites and IP-shniks can be added there. For example:
127.0.0.1 ftp.kasperskylab.ru
127.0.0.1 ids.kaspersky-labs.com
127.0.0.1 vk.com
127.0.0.1 drweb.com
Such additions to the file prevent you from accessing the specified sites.
1.2.3.4 ftp.kasperskylab.ru
1.2.3.4 ids.kaspersky-labs.com
1.2.3.4 vk.com
1.2.3.4 drweb.com
Such additions to the file when opening the specified sites will redirect you to other sites, possibly infected with viruses (IP-1.2.3.4- are fictitious).
If you find that the hosts file has changed, you need to fix it. In Windows XP, the file is simply opened in notepad, the necessary changes are made and saved (you must be logged in as an administrator). On other versions (Windows Vista, 7, 8) you need to give permission to modify the file. To do this, open the folder in which hosts is located. C:\Windows\System32\Drivers\etc(if drive C is system). Right click on hosts and choose "Properties".
Choose a tab "Safety", then select the user under which you work on a computer / laptop (in this example, this is a website) and press the button "Change". A window will open "Permissions for group "hosts"", select the user again and assign full rights to the file, click "OK", in the window "Properties: hosts", Same "OK".
After that, open hosts with Notepad and return the file to its original state, when finished, save the changes.
