Open the hosts file windows 8. Hosts file

After entering the required site in the browser, suppose Google.com , the browser sequentially (according to priority) looks for a match between this domain name and the IP addressee (because it is IP addresses that network devices work with).

A) the specified site is checked in the hosts file, if it finds a match (let’s assume 1.1.1.1 Google.com is written in the hosts file), then the contents of IP - 1.1.1.1 will be opened for you, if there is no specified domain name, proceed to the next step;

b) the cache DNS is checked (if you have previously opened Google.com, then most likely the IP of this site is saved in the DNS cache of your computer/laptop), if the IP of the site is indicated there, then the page opens to you, if not, it proceeds to the last stage;

V) the request goes to the DNS server (it is registered manually in the network connection settings or issued via DHCP), if the DNS server does not have the specified site, it will “ask” another DNS server until it finds it (if, of course, it exists at all) and the site is successful will open.

The hosts file is located along the path C:\Windows\System32\Drivers\etc\hosts (if C is the system drive). You can open it with a regular notepad. If you have not made changes to the hosts file, then the following will be written there:

Hosts file in Windows XP:
# Copyright (c) 1993-1999 Microsoft Corp.
#
#

#space.
#

#
# For example:
#

127.0.0.1 localhost

Hosts file in Windows Vista:
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

Hosts file in Windows 7:
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
#127.0.0.1 localhost
# ::1 localhost

Hosts file in Windows 8

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
#space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
#127.0.0.1 localhost
# ::1 localhost

As you can see, regardless of the version, the host file is not very different, but if a virus “worked” on the hosts file, various sites and IPs can be added there. For example:

127.0.0.1 ftp.kasperskylab.ru
127.0.0.1 ids.kaspersky-labs.com
127.0.0.1 vk.com
127.0.0.1 drweb.com

Such additions to the file prevent you from accessing the specified sites.

1.2.3.4 ftp.kasperskylab.ru
1.2.3.4 ids.kaspersky-labs.com
1.2.3.4 vk.com
1.2.3.4 drweb.com

Such additions in the file when opening the specified sites will redirect you to other sites, possibly infected with viruses (IP-1.2.3.4- are fictitious).

If you find that the hosts file has been changed, it needs to be corrected. In Windows XP, the file is simply opened in Notepad, the necessary changes are made and saved (you must log in as an administrator). On other versions (Windows Vista, 7, 8), you must give permission to change the file. To do this, open the folder in which hosts is located C:\Windows\System32\Drivers\etc(if drive C is system). Right click on hosts and choose "Properties".

Select a tab "Safety", then select the user under which you work on your computer/laptop (in this example, this is a website) and press the button "Change". A window will open "Permissions for the group "hosts"", select the user again and assign full rights to the file, click "OK", in the window "Properties: hosts", Same "OK".

After that, open hosts with Notepad and return the file to its original state, and save the changes when finished.

In the Windows 8 operating system, the file hosts is located in the following path:
C:\Windows\System32\drivers\etc\hosts. This is a regular text file that stores IP addresses of domain names on the local machine and is generated manually by the computer administrator if necessary. However, malware also likes to use this file, so you need administrator rights to edit the hosts file.

etc folder with hosts file

Although this file is a text file, it does not have the usual .txt extension, so the operating system will ask which program to open it with. In the window that appears, find and select Notebook.

Select Notepad

You can open the hosts file for editing in Windows 8 with another editor, for example, the widely used Notepad++.

Notepad window

If the above algorithm fails, you may not have sufficient access rights. Find it in the folder C:\Windows\System32\ file notepad.exe and right-click the context menu, where we select . And then through the File-Open menu we find the hosts file in the folder C:\Windows\System32\drivers\etc\.

Make the necessary changes and save the file. As you can see, all actions are the same as in the case of editing

1. What are hosts for?

The task of the system hosts file is to store a list of domains (web addresses like site.ru) of various sites and their IP addresses. Thus, in the process of working with the Internet, domains are converted into their IP addresses and vice versa. Each outgoing request to open a particular Internet site is, in fact, a request to convert a domain to an IP address. This query is performed by the Internet DNS service. From the technical side of the Internet veil, there are no web addresses in literal expression like site.ru. They are used for the convenience of web surfing by users and reflect the essence of the site's themes. Designed to facilitate the exchange of data between different parts of the network, the DNS service converts domains into specific sets of numbers, also known as the IP addresses of each individual site.

The hosts file has priority over the DNS system. Before accessing this Internet service, browsers first check their cache, then receive information about the mapping of IP addresses to domains, which is contained in the hosts file of the Windows operating system. And only after this the request goes to DNS.

Some users make changes to the “hosts” in order to speed up the loading of their favorite sites. If you specify in it for individual sites the correspondence of IP addresses to their domains, you can get slightly faster access to these sites, since they will load in the browser window, bypassing the stage of sending a request and receiving data from the DNS service. But this method of optimizing Internet access is not necessary, since there is a browser cache with the highest access priority.

The need for intervention to change the contents of this file arises when it is edited by malware without the user’s knowledge. The hosts file is a Windows vulnerability and is of particular interest to malware creators. By replacing the original system hosts file with its analogue, but with a ready-made list of false correspondences of IP addresses to their domains, Internet fraudsters thus implement a redirection mechanism that is beneficial to them. If we add a false correspondence of the IP address to the domain into the “hosts”, replacing the real IP address, for example, of some social network with the IP address of, say, a site with paid porn content, then every time we try to get into the social network we will actually end up on a porn site. But this is not the worst example of scammers manipulating hosts. Things will be much more difficult with filling out forms on phishing sites. In order to fish out confidential user data, for example, accounts in financial and online payment systems, logins and passwords for them, Internet fraudsters can replace individual web pages of these online systems with their own web pages, specially created for fraudulent purposes. Substitution of file data with redirection to another site is also used as a dishonest way to promote sites, to block social network pages and extort for unblocking money, to block access to web resources of anti-virus software products, etc.

Making changes to hosts is also practiced for the purpose of locally blocking access to certain sites. For example, within the framework of parental control.

Below we will look at how the processes of making changes to hosts are carried out in order to edit it to block individual sites, as well as to correct it if the content is replaced by malware. But first, of course, let’s find the file itself, open it and look at its original contents.

2. Path to the hosts file and opening it

To access hosts, you must have administrator rights. It is located in the Windows system directory along the path:

C:\Windows\System32\drivers\etc

You can also open this path with the command %systemroot%\system32\drivers\etc in the Run dialog box

To open a file, call up the context menu on it, select “Open with” (simply “Open” for Windows 7) and from the list of offered programs select the standard Windows notepad or any third-party notepad, if one is present in the system (Notepad++, AkelPad, etc.). P.).

If there is no “hosts” file in the specified path (subject to the setting of displaying hidden folders and files in Explorer), this is a clear consequence of the tricks of malware that has penetrated the computer. Viruses and Trojans can sometimes move it to another location on the computer.

3. Contents of hosts

After opening hosts, we will see its contents in the form of informational information about the essence of this file. Of the correspondence between IP addresses and their domains, only one working record should be present in the original version of the file content (without user intervention, without malware tricks). This is a disabled mapping of the current computer's IP address to the value "localhost", the local host. The hash sign at the beginning of the line means that the prescribed correspondence does not affect anything, but simply exists in the prospect of being used or as a template.

4. Blocking access to individual sites using the hosts file

Editing “hosts” is one of the many ways to block access to individual sites. Compared to the blocking mechanisms offered by standard Windows parental controls and third-party programs, editing hosts is a simple and quick way to restrict access to sites.

To block access to a specific site, first clear the cache of the browsers used on the computer, then in the hosts open in notepad below the existing entries, enter a redirection from unwanted sites to the local host like this:

127.0.0.1 site1.ru

127.0.0.1 site2.ru

127.0.0.1 site3.ru

Those. in each match, after the local IP address 127.0.0.1, we add the domains of unwanted sites separated by a space. After editing the contents of the file, click the menu “File” - “Save As”.

It will not be possible to save the newly created file directly along the path where it is located in the system directory. First, this file must be saved in any non-system folder (for example, in the “Documents” folder) as a regular text TXT file called “hosts”.

After saving, select this file, press the rename key F2, delete the “.txt” extension (along with the period) and press Enter.

We confirm the action.

We copy the newly created file, after which we go to the folder along the path of the original hosts file, which is indicated in paragraph 1 of the article. Before inserting the newly created hosts file, you need to decide what to do with this file in its current edition. As an alternative to deleting, you can use the same F2 key to rename the current file, adding a postscript to the name in the form of a serial number, date or other nuances. This will be something like a backup copy of hosts with some current settings, to which you can always return by giving the file the original name without a prefix.

We confirm the insertion of the new file with administrator rights.

After all these steps, the sites included in the blocking list will not open in any browser on the system.

In the future, to temporarily remove the lock, so as not to delete entire records, you must insert a pound sign at the beginning of the line of each individual match and save the hosts file as indicated above.

It is not recommended to create a huge list of blocked sites (more than a hundred) in hosts, so as not to slow down the operation of your computer with the Internet. When blocking large-scale web projects such as social networks, you must also take into account that they may be accessible not by one domain, but on several.

5. How to fix the hosts file

If, when you try to visit the desired site, some other one opens instead, or a message appears demanding money for unblocking a social network account, it’s time to fix the hosts. First, of course, you need to clean your computer from viruses and other malware. Only after this can you begin to correct the file. Fixing hosts means that you need to return its contents to its original state. There are several ways to do this.

One way to fix it is to manually remove strings of false matches between IP addresses and domains that were introduced by malware. Having opened the file in Notepad, we leave only the default matches, as indicated in the screenshot, and delete all other lines.

And save the file as indicated in the previous paragraph of the article.

Entries with false matches may be hidden outside the view of the standard notepad window, so you need to view the entire document by scrolling down to the very bottom.

Another option for fixing a file is to completely replace the existing content with the original text content. The source text of the file can be copied on the Microsoft support site, where options for different versions and editions of Windows are presented in separate blocks:

In the case of Windows 10, a variant of the source text of the hosts file for Windows 8.1 is used.

We copy the original contents of the file on the website, in Notepad press Ctrl+A to select the entire text of the document, then Ctrl+V to paste. We save the file as indicated in the third paragraph of the article.

If the file in the path specified in the first paragraph of this article is missing, it must be created there after neutralizing the malware. In Notepad, open a new document, paste the source text copied from the Microsoft support site, save the file and place it in the system directory where it should be.

Finally, the last way to fix a file is automatic. True, it is only available for Windows 7 and earlier versions of the system. By following the link above, on the Microsoft support website in the “Easy fix” block, download the Fix it utility.

We launch it, agree to the license terms, click “Next”.

We wait for its completion and close it.

Reboot the computer.

The utility will automatically correct hosts and return its contents to its original state, including restoring the file if it was not found along the installation path due to malware tricks.

Have a great day!

What is a file hosts, where is it located in the Windows 8 (8.1) operating system and how to edit it?

What is a hosts file?

hosts is a file in text format containing a database domain names, which are broadcast in network addresses.

A bit of useful information:

Domain name is a set of characters in a human-readable form that defines the address of a network resource, for example, a website, email, etc. For example, my site is on the domain website.

Network address or IP address is the unique address of an individual node on a computer network. IP addresses can be static or dynamic. For example, in the IPv4 protocol version, the IP address could be: 192.168.0.1 or 46.42.60.167.

So, in relation to a personal computer, the file hosts stores IP addresses of domain names on the local machine.
The file can be edited manually if necessary, but with administrator rights.
Various malicious programs also like to make changes to this file.

In the Windows operating system (XP, Vista, 7, 8, etc.) the file hosts is located in the directory:

C:\Windows\System32\drivers\etc\hosts

How the hosts file works

When a user types the URL of a site in the browser search bar and presses the Enter key, the web browser does the following:

Checks in hosts file whether the entered name is the computer's own name (localhost);
If not, then the browser looks for the requested address (hostname) in the file hosts;
If a hostname is found, the browser contacts the corresponding IP address specified in hosts file;
If the hostname is not found in the file hosts, then the browser accesses the DNS resolver cache (DNS cache);
If a hostname is found in the cache, the browser looks up the IP address stored in the DNS cache for that host;
If the hostname is not found in the DNS resolver cache, the browser contacts the DNS server;
If the requested web page (site) exists, the DNS server translates the user-specified URL into an IP address;
The Web browser downloads the requested resource.

How to open the hosts file?

Find and open file hosts in Windows 8 it's not difficult. You can walk along the entire path, as they say, manually. Open drive C, go to the Windows folder... and so on.
For convenient searching, it is recommended to use Windows Explorer, since file managers (for example, Total Commander) for some reason do not see it. To call Explorer, you need to press the Start button or the Windows key or the key combination Ctrl+Esc. Copied file address hosts you need to paste into the search field:

You can just as easily use the Run window (Windows+R):

You can turn to the third option. Hover your mouse over the upper or lower right corner of the screen, calling up the vertical menu, and click on Search:

This file is nominally a text file, but does not have the usual extension .txt, so the operating system will offer options for opening it. In the window that appears, find and select Notebook, and better, Notepad++:

For example in a text editor Notepad++ The hosts file for Windows 8 will look like this:

I tried to translate the contents of the file and this is what I got. Please read carefully, as the contents of this file contain basic filling rules hosts.

# Copyright (c) 1993-2009 Microsoft Corporation.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains mappings of IP addresses to hostnames.
# Each entry should be stored on a separate line.
# IP address must be in the first column, followed by the corresponding hostname.
# The IP address and hostname must be separated by at least one space.
#
# In addition, comments can be inserted into lines (such as this line),
# they must follow the node name and are separated from it by a '#' character.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # origin server
# 38.25.63.10 x.acme.com # x client host

# Localhost name resolution is processed within DNS itself.
#127.0.0.1 localhost
# :: 1 localhost

The key lines in this file are only the last two lines; everything else is nothing more than a technical description of an informational nature. These two entries are identical. The first entry is the original IPv4, and the second is the localhost in IPv6.

File hosts can be used to speed up the Internet and reduce the amount of traffic. This is achieved by reducing queries to the DNS server for resources frequently visited by the user. For example, if you use the search engines Yandex and Google every day (sites http://yandex.ru And http://google.ru respectively), then it makes sense in the file hosts below line 127.0.0.1 localhost add the following lines:

93.158.134.11 yandex.ru

209.85.229.104 google.ru

This is what it will look like in the file hosts:

This will allow your Internet browser not to contact the DNS server, but to immediately establish a connection to sites yandex.ru And google.ru.

The Hosts file is sometimes used by a computer administrator to block unwanted web resources. To do this you need after the line 127.0.0.1 localhost add a line or several lines:

127.0.0.1 address of blocked resource-1

127.0.0.1 address of blocked resource-2

127.0.0.1 address of blocked resource-3

For example:

Impact of malware

As we already said, a request to a file hosts happens first, and then to DNS servers. It is known that the contents hosts file can be controlled by the computer administrator, and when certain conditions are created, unfortunately quite often, malware can also have an impact.

What are the attackers' goals?

Blocking access to well-known and popular sites;
Redirecting the user to other sites (advertising, phishing pages).

As a result, an attacker and fraudster can gain access to your data (logins and passwords), cause some damage by taking possession of your information, or worse, money.
If when checking hosts file on your computer is no different from the standard file, which means there are no problems.

But malware can add to the file hosts additional entries that are highly undesirable. Always pay attention to the entries after these lines:

#127.0.0.1 localhost
# ::1 localhost

Typically, malicious code is executed after a program downloaded from the Internet is launched. At this point, changes are automatically made to the properties of the browser shortcut and quite often additional lines are added to the file hosts.

To block a resource, approximately the following lines are entered:

127.0.0.1 Resource URL

This is the same as what we discussed in the Limitations... section, only it will be performed by a malicious program. And you will not be able to visit this web page because it is blocked on your computer.

To redirect to another site in a file hosts something like this is added:

157.15.215.69 Resource URL

In this case, after entering the URL of the required resource in the browser, the user will be redirected to a completely different site, the purpose of which can only be guessed at.

By restore I mean returning to the original or default state.
In fact, the entire standard hosts is the last two lines, everything else, as you already know, is a simple description.

It must be remembered that apart from these entries, nothing else should be present in the file. Everything unnecessary should be deleted immediately, of course, if you yourself did not add anything to the file hosts.
After making changes, save the file.
You can use a standard file hosts for Windows 7, 8 and replace the damaged one in the C:\Windows\System32\drivers\etc\ folder.

If the following steps fail:

There may be a permissions issue. You need to run a text editor with administrator rights and through the menu File → Open, find the hosts file and edit.
It is advisable to disable real-time anti-virus protection. Many modern antiviruses prevent you from making changes to the file hosts.
Enable the display of extensions for registered file types, hidden files, and system files.

There are no more words. All! All the best and brightness to you! Bye. L.M.

Of course, the performance of any operating system has its own subtleties and nuances, and this is especially true for everything related to the Internet. And a file such as hosts in Windows 8 is no exception.

Special purpose

To understand how to edit hosts in Windows 8, you must first understand why such a file is needed at all and what it is responsible for.

Like most everything that exists, the Internet is far from what it seems to the average user at first glance. The average owner of a personal computer or laptop is used to opening a browser, entering a query in the search bar and receiving the information found or the necessary Internet page. But in fact, the PC had to do much more work than the user noticed.

As soon as the desired query or address has been entered, the system turns to one important tool - the DNS server. It is responsible for determining and issuing IP addresses to websites and plays the role of a kind of buffer between a certain personal computer with its operating system and the Internet page. Once the request has been sent and the necessary information has been received, the connection to the website server and direct downloading begins.

The hosts file in Windows 8 plays the role of a protective membrane through which specified IP addresses are passed and unknown ones are cut off.

It has local significance and its own original copy is created on each device with an operating system from Microsoft. And, despite the fact that in most cases it has the same parameters, anyone can change them at their own discretion, of course, with the appropriate knowledge and skills.

It is through this file that you can prohibit connections to certain servers, which will allow you to deny access to content that is undesirable for the user. Also, editing it can be used as “parental control”.

Setting details

Before describing where the hosts file is located in Windows 8, you should describe the nuances associated with it.

The first thing worth mentioning is that this file is the most common target for virus and spyware. The malicious program tries to make changes and add new entries that allow you to connect not to the desired website, but to a pre-prepared one that will sabotage your PC. The effect will depend on the intended purpose of the virus, its type and the tools at its disposal. Thus, the owner of the device may not even realize that he did not go to the VKontakte page, but to a completely different server, since the address bar will contain the words “vk.com”.

The hosts file, due to its importance, is under the protection of a service such as Windows Defender, which does not allow you to make adjustments to it or add new entries.

When installing third-party antivirus software, this service is disabled, and control over the hosts is exercised by the newly installed utility. The degree of control decreases, since the third-party application is more loyal to working with local data.

If necessary, the user can remove Defender custody of this file, but this should only be done by experienced users who understand what this can lead to. To do this, you need to open Windows Defender, go to the “Settings” tab, and then select the file of interest in the block of excluded files and locations, which is located at: C:WindowsSystem32Driversetchosts.

Hosts adjustment

At the preparatory stage, you will have to perform one small but very important action, without which further manipulations simply do not make sense. Editing the required object is impossible if:

Windows Defender protection was not removed. All changes simply will not function, since the operating system will refuse to make adjustments and save them.
No third party antivirus software was installed. It has noticeably fewer tools in the environment than the native Defender, and therefore its control will be less soft. This, in turn, will allow the PC owner to adjust the file in the key he needs and save the changes.

Having finished with the preparatory stage, you can move on to the main procedure.

First of all, you need to launch standard Notepad or any other simple text editor.

As soon as the corresponding window is displayed on the monitor screen, select the “File” tab in the upper right corner, and then the “Open” position and follow the previously mentioned address.

Once the file is open, you can start making new parameters. To do this, you need to go down to the end of the entries and, on a new line, add first your local IP, and then the Internet address of the resource itself. The local IP address has a general meaning and in standard form looks like this: 127.0.0.1.

Once the data is entered, all that remains is to save the changes and check the results of the work.