How to clean hosts file windows xp. Cleaning and restoring the Hosts file

This is a text file used to store a list of domains and IP addresses that correspond to those domains. This list is used to convert symbolic names to IP addresses and vice versa.

Due to this feature, the Hosts file is often used by viruses to block access to antiviruses, as well as to spoof sites. Immediately after infection, the virus modifies the Hosts file. Lines are added to it that redirect the user to incorrect . After removing the viruses, these entries remain. This results in the need to clean up the Hosts file.

Cleaning up the Hosts file is pretty easy. The first thing you need to do is open the Run window. You can do this by opening the Start menu and selecting Run. In addition, you can launch the Run window using the Windows key + R key combination or by searching the Start menu or Start screen if you have Windows 8.

After you have opened the "Run" window, type the command "%systemroot%\system32\drivers\etc" and press enter. This should open the folder containing the Hosts file. If you are having difficulty, you can try to find this folder manually. As a rule, it is located at the address "C:\WINDOWS\system32\drivers\etc".

After the folder is open, you need to open the Hosts file. After double-clicking on the Hosts file, you will see a window prompting you to select the program that will be used to open this file.

Here you need to select the program "". After you select this program, the Hosts file will open. Since the Hosts file is a system file, you need administrator rights to edit it. This must be taken into account.

After opening the Hosts file, you can start cleaning it. The Hosts file consists of comment lines and entries. Comments are marked with a "#" symbol, they do not affect the operating system in any way and can be ignored. And the entries look something like this: 127.0.0.1 localhost.

In order to clean up the Hosts file, you need to delete all extra lines or completely restore the file to its original form. In the article "" you can learn about this in more detail.

In short, in order to clean up the Hosts file, you need to delete all lines that do NOT start with the "#" character, except for the line "127.0.0.1 localhost". Thus, in a normal Hosts file, there should be comment lines starting with the "#" character, as well as the line "127.0.0.1 localhost".

For example, the screenshot above shows the contents of the Hosts file. The part that needs to be removed is highlighted in blue.

Users sometimes have difficulty accessing certain social networking sites or other sites. Sometimes the reason for blocking access is the hosts file, or rather problems associated with a change in the file. You do not need all the details why this happens, and I will describe some below. Now I will try to explain how to solve this problem.

If you do not have an anti-virus program installed on your computer, I advise you to download and install it. Or you can use the free distribution version (Kaspersky Virus Removal Tool) or similar. For myself, I most often use Kaspersky.

The databases of the anti-virus program must be up-to-date, that is, fresh. Scan the entire system, the entire hard drive. It is clear that this procedure can take a long time, so please be patient.

If you have not done a full virus scan, the following may not be useful.

After the antivirus scans the entire computer, we begin to edit the file hosts.Sometimes, depending on the antivirus installed on your computer, it may be necessary to disable the antivirus (because some antiviruses block access to editing a file hosts).

Default file folder hosts located on drive C/Windows/System32/drivers/etc/hosts

When you open the hosts file, a window will appear: Select a program to open this file: choose - open with notepad.

A file opens with the following content:

Yours may be slightly different. If you cannot go to the page on VKontakte or classmates, then often there is just the same line with the address to the social network. Also, this file often contains unnecessary or harmful addresses that block access or redirect to other addresses.

Now you need to do the following: we completely clear the file that we opened. In order to clear the entire file, press the key combination ctrl + A and then the delete button.

Now copy the text you see below, which is appropriate for your operating system.

For Windows XP:

# Copyright (c) 1993-1999 Microsoft Corp.
#

#




#space.
#


#
# For example:
#


127.0.0.1 localhost

For Windows Vista:


#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost::1 localhost

For Windows 7

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1localhost
# ::1 localhost

A hosts file is a special text file that is used by all popular operating systems (Windows, Mac OS X and Linux) and which matches the domain name of a site to its IP address on the Internet. This property of the hosts file, useful in certain situations, began to be used by various Internet scammers for their own selfish purposes. By making unauthorized changes to this file, they block users' access to their favorite sites (mainly social networks) and demand payment supposedly for account activation by sending an SMS to one of the short numbers.


But even by sending an SMS to the specified number, unfortunate users, having spent a significant amount of money, still do not get access to the sites of interest. And this is easily explained! Indeed, in fact, there is no blocking as such. It’s just that instead of a real page on VKontakte, classmates, or any other, you see a fake page of scammers in your browser, despite the fact that the correct address (URL) is displayed in the address bar of the web browser.

All you need to restore access to blocked sites is information on how to clean the hosts file from unnecessary entries and return it to its original state.

Restoring the hosts file manually
You can manually clean up the hosts file by following the steps below.

  1. On Windows Vista and Windows 7, sign in with . If you try to edit the hosts file in these operating systems with user rights, then you will not succeed. An error message will be displayed informing you that you do not have permission to edit this file.
  2. Click the "Start" button and then select "Run" from the menu that appears. In the window that opens to enter commands, type:

    %systemroot%\system32\drivers\etc


  3. Press the Enter button on your keyboard.
  4. In the folder that opens, find the hosts file and open it with notepad. The contents of the hosts file, depending on the operating system, should look like this:

    Windows XP
    # (C) Microsoft Corp., 1993-1999
    #

    #




    #space.
    #


    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com
    #sourceserver
    # 38.25.63.10x.acme.com
    #xclienthost

    127.0.0.1 localhost

    Windows Vista
    # (C) Microsoft Corp., 1993-2006
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    #space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a "#" symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com
    #sourceserver
    # 38.25.63.10x.acme.com
    #xclienthost

    127.0.0.1 localhost::1 localhost

    Windows 7
    # Copyright (c) 1993-2006 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    #space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a "#" symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com
    #sourceserver
    # 38.25.63.10x.acme.com
    #xclienthost

    # localhost name resolution is handled within DNS itself.
    # 127.0.0.1localhost
    # ::1 localhost

    If you see that the contents of the file differ from the examples above and contain the names of those sites to which access is "blocked", then copy the contents of the file corresponding to your operating system and paste it into the open hosts file.

  5. Save and close the file.
Editing the hosts file using the AVZ utility
AVZ is an anti-virus utility, one of the functions of which is convenient editing of the hosts file. Using this one is useful in cases where the real hosts file corrected by attackers is hidden, and instead a file is created with the correct content, but with a different, but very similar at first glance, name. For example, with the Russian letter "o" or zero instead of a letter. To clean up the hosts file using this utility, do the following.
  1. Download the utility from the official website http://z-oleg.com/secur/avz/ and unpack the archive with the program.
  2. Right-click on the avz.exe file and select "Run as administrator" from the menu that appears. After entering the administrator password, the program will start. It is very important to run the program as an administrator, otherwise you won't be able to edit the file.
  3. In the main menu of the program, select the "File" item and select the "Restore system settings" item in the list that opens.
  4. In the window that opens, check the box corresponding to the item "Clean up the Hosts file" and click the "Perform the marked operations" button.
Cleaning up the hosts file with HijackThis
HijackThis is a simpler analogue of the AVZ anti-virus utility from foreign developers. Today the program is outdated, but it can be successfully used to edit the hosts file.
  1. Download the file and run it as administrator.
  2. In the main window of the program, select the item "Open the Misc Tools section" ("open the section of additional tools") and in the section that opens, click on "Open hosts file manager" ("open the hosts file manager").
  3. Remove all lines that:
    • do not contain a comment sign (#) at the beginning of the line;
    • contain something else besides "127.0.0.1" and "localhost".
  4. Close the utility.
It is highly likely that after successfully changing the hosts file, restoring access to sites and then restarting the computer, the hosts file will be overwritten again in an infected form. This means that there is a virus on your computer that is configured to permanently change the hosts file. Such viruses often remain invisible to antivirus programs. In this case, only manual cleaning of the computer by experienced users, rolling back the system to a date preceding the appearance of the virus, or, in the most extreme cases, reinstalling the system can help.

This type of virus sometimes tends to delete itself 2 hours after launch, but the consequences remain exactly in the hosts file along the path C:\WINDOWS\system32\drivers\etc, it prescribes the IP addresses of its servers there. So this thing needs to be cleaned up. FILE HIDDEN

Resource Lock
Using the hosts file, it is possible to filter ads by redirecting domain addresses of banners to the address 127.0.0.1. In some cases, this can lead to a 404 error, however, this method is used to increase the speed of the browser by clearing the page of unnecessary elements. When the browser processes an address containing an ad entered in hosts as a mapping to 127.0.0.1, it does not find the ad script and/or banner, saving traffic and time. Also, the hosts file can be used to block prohibited sites (for example, pornography, or sites containing viruses, phishing sites)

If your operating system is installed on the "C" drive, then the path to the file will be as follows:
Quote
C:\WINDOWS\system32\drivers\etc

This folder should contain the hosts file. The file has no extension. To edit it, right-click on the file, select "Open" and then a list of programs will be offered in a new window.

Here we are looking for the Notepad program. Select it with the mouse and press the OK button.
Before I show you what the wrong hosts file should look like, I want you to know the contents of the original file:
Quote
# Copyright 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

This is the text the file is filled with after installing the Windows operating system.
Now we look at our current file using the Notepad program. On an infected computer, it may well look like this:

Please note that opposite 127.0.0.1 are the domain names of the sites. In fact, every line like: "127.0.0.1 vkontakte.ru" blocks access to a specific site. In this case, this is the social network "Vkontakte.ru".
Now our task is to select all the contents of the hosts file and delete all the text that has been opened to our eyes. Next, copy the original contents of hosts from our site. I brought it to your attention for review above. And paste it in place of the just deleted data. Here is what we should get:

Close Notepad. When prompted to save the file, answer "Yes".

We restart the computer. And try to enter the desired site. According to my observations, in 20-30 percent of cases, the above actions lead to a positive result.
However, there is also a more complex option. So, let's suppose that you go to the C:\WINDOWS\system32\drivers\etc folder and observe the following picture there:

As we can see, the hosts file does not exist here! We see that the folder contains a certain lmhosts file, which the hand tries to rename to hosts. I do not advise you to do this, since this operation will not lead you to a positive result.
In this case, you need to perform the following set of actions: in the main menu of Windows Explorer, go to the main menu Tools and select the "Folder Options" item there.

Go to the "View" tab and uncheck the box next to the following items:
- Hide protected system files
- Hide extensions for known file types
Now click on the switch opposite the inscription "Show hidden files and folders."

However, when you try to edit and save, you may get an error.
Therefore, we will do it easier. Delete the hosts file completely. Select it with the mouse and press "Shift + Delete" on the keyboard. Thus, our file is deleted forever, bypassing the trash.
Now let's create the hosts file again. To do this, right-click on an empty space in the C:\WINDOWS\system32\drivers\etc folder and call the context menu.
Choose: Create - Text Document

A file with the name Text Document.txt will appear. Delete the name and extension of the file completely and enter simply hosts. For a request to change the extension, we answer "Yes".

Now paste the contents of the original hosts file:

The lmhosts.sam file is simply deleted. We restart the computer. Our Vkontakte website should open.

I have the ORIGINAL FILE THIS...

# (C) Microsoft Corp., 1993-1999
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains mappings of IP addresses to hostnames.
# Each element must be on a separate line. The IP address must
# be in the first column, followed by the appropriate name.
# The IP address and hostname must be separated by at least one space.
#
# Also, comments can be inserted on some lines
# (such as this line), they must follow the hostname and be separated
# from it with the symbol "#".
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # client node x

127.0.0.1 localhost

***********************************

Cleaning up the hosts file.

The hosts file is designed to assign specific IP addresses to specific site addresses. However, if the IP is registered there incorrectly, then when you try to enter the site, you will be thrown out to a completely different place. This technique is often used by malware, for example, to force you to send SMS (paid).

Clearing the file is often necessary when you cannot access the Vkontakte, Odnoklassniki, antivirus sites, and so on.

So, let's get started ... Click Start - Run

A window will appear Program launch

Enter in the field Open the line below:

Notepad %windir%\system32\drivers\etc\hosts

(just copy the command text above into the field Open window Launching programs). We press OK

We see a notepad on the screen with approximately similar content

It also happens that the contents of the file exactly match the texts below for different operating systems, but some cunning pests write their malicious addresses outside the Notepad window. Always make sure you have a scroll bar on the side and always scroll down the window.

Clear the editor window completely and copy one of the following texts, depending on the version of your operating system.

For Windows XP

# Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a "#" symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost

For Windows Vista

# Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a "#" symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost::1 localhost

For Windows 7

# Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a "#" symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. # 127.0.0.1 localhost # ::1 localhost

Then we save the changes made, close notepad and try to open previously blocked sites.

In some cases, you may need to restart your computer.

There are also cases when, after making changes, it is not possible to save the file. In this case, open Properties file (Right click on the file):

And uncheck the attribute Only reading tab General in the properties window

We press the button Start, open in the menu All programs paragraph Standard, find and press the right mouse button on the item Notebook(Notepad) and in the context menu select the item Run as administrator(we act according to the arrow in the picture below).

In Windows XP, there may be an item Run as... In this case, in the dialog box, you must specify (select) a user name and enter a password.

On some systems, depending on the settings, the screen may dim and a window will appear. User Account Control with a request "Allow the following program to make changes on this computer?" This is normal and should not be feared. Just in case, check the field Program name, should be Notepad and field Verified Publisher: Microsoft Windows. If so, feel free to press the button Yes, Notepad will open. Press the menu item File - Open...(or hotkeys Ctrl-O). The file open dialog box appears. Next, look at the picture below.

Open the folders in turn (if the system is installed on the disk and folders by default): System drive (usually drive C:) -> Windows -> System32 -> Drivers -> etc(Pay attention in the address bar in the picture the same path is spelled out, underlined with a red line).

There are times when you will not see some folders (hidden from view, possibly a virus), but in fact these folders are there. In this case, in the field File name type the path below (just copy and paste):

%systemroot%\System32\drivers\etc

and press Enter. You will immediately be taken to the folder where the hosts file is located.

Most likely, immediately after opening the etc folder, you will not see anything. That's right, that's the way it should be. Notice in the lower right corner circled in red list. Now you should have written Text documents (*.txt). And if with this choice in the file list window you see the hosts file (hosts.txt), this is most likely the work of a virus, it is better to delete it.

Click on the field and select an option from the list All files, like on a picture. After that, you should see several files in the file selection field, one of them is the desired hosts file. If you don't see the hosts file, it may be hidden from display. In that case, right in the field File name just type hosts and click the button Open.

Then edit the file as described above and after editing try to save and you should be fine. If this is not the case, check if the box is unchecked. Only for reading in the file properties.

WELL THIS IS LIKE EVERYTHING!

RELATED ARTICLES