question about the hosts file

  • Thread starter Thread starter Tim.T
  • Start date Start date
T

Tim.T

I'm confused as to what exactly should appear in this host file. All I do
know is that the line "localhost 127.0.0.1" is legitimate. However, I'm
using Spybot Search & Destroy 1.5, and it has added hundreds of what are
clearly phoney domains to this list (there are so many the hosts file is
251kb in size!). Here's just a very small sample:

127.0.0.1 localhost
# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com


If these domains are phoney I don't see what use it is to block them - I've
tried typing these in the browser and they never show. So what exactly is
SS&D doing here? I've read on another website that in the hosts file, only
"local host 127.0.0.1" should appear, and that anything else is malware. The
way I understand it, these entries actually ROUTE your browser to these
domains rather than block them, correct? If so, then SS&D is a MALWARE!.

Tim
 
"Tim.T" <blah@blah.com> wrote in message
news:eGFTfhKyIHA.2184@TK2MSFTNGP02.phx.gbl...
| I'm confused as to what exactly should appear in this host file. All I do
| know is that the line "localhost 127.0.0.1" is legitimate. However, I'm
| using Spybot Search & Destroy 1.5, and it has added hundreds of what are
| clearly phoney domains to this list (there are so many the hosts file is
| 251kb in size!). Here's just a very small sample:
|
| 127.0.0.1 localhost
| # Start of entries inserted by Spybot - Search & Destroy
| 127.0.0.1 www.007guard.com
| 127.0.0.1 007guard.com
| 127.0.0.1 008i.com
| 127.0.0.1 www.008k.com
| 127.0.0.1 008k.com
| 127.0.0.1 www.00hq.com
| 127.0.0.1 00hq.com
| 127.0.0.1 010402.com
| 127.0.0.1 www.032439.com
| 127.0.0.1 032439.com
| 127.0.0.1 www.1001-search.info
| 127.0.0.1 1001-search.info
| 127.0.0.1 www.100888290cs.com
| 127.0.0.1 100888290cs.com
|
|
| If these domains are phoney I don't see what use it is to block them - I've
| tried typing these in the browser and they never show. So what exactly is
| SS&D doing here? I've read on another website that in the hosts file, only
| "local host 127.0.0.1" should appear, and that anything else is malware. The
| way I understand it, these entries actually ROUTE your browser to these
| domains rather than block them, correct? If so, then SS&D is a MALWARE!.
|
| Tim
|
|
Have a look at this site for a useful explanation:-
http://www.mvps.org/winhelp2002/hosts.htm
It is called "Blocking Unwanted Parasites with a Hosts File"
hope this helps.


Gerry
 
"Tim.T" <blah@blah.com> wrote in message
news:eGFTfhKyIHA.2184@TK2MSFTNGP02.phx.gbl...
> I'm confused as to what exactly should appear in this host file. All I do
> know is that the line "localhost 127.0.0.1" is legitimate. However, I'm
> using Spybot Search & Destroy 1.5, and it has added hundreds of what are
> clearly phoney domains to this list (there are so many the hosts file is
> 251kb in size!). Here's just a very small sample:
>
> 127.0.0.1 localhost
> # Start of entries inserted by Spybot - Search & Destroy
> 127.0.0.1 www.007guard.com
> 127.0.0.1 007guard.com
> 127.0.0.1 008i.com
> 127.0.0.1 www.008k.com
> 127.0.0.1 008k.com
> 127.0.0.1 www.00hq.com
> 127.0.0.1 00hq.com
> 127.0.0.1 010402.com
> 127.0.0.1 www.032439.com
> 127.0.0.1 032439.com
> 127.0.0.1 www.1001-search.info
> 127.0.0.1 1001-search.info
> 127.0.0.1 www.100888290cs.com
> 127.0.0.1 100888290cs.com
>
>
> If these domains are phoney I don't see what use it is to block them -
> I've
> tried typing these in the browser and they never show. So what exactly is
> SS&D doing here? I've read on another website that in the hosts file, only
> "local host 127.0.0.1" should appear, and that anything else is malware.
> The
> way I understand it, these entries actually ROUTE your browser to these
> domains rather than block them, correct? If so, then SS&D is a MALWARE!.
>
> Tim
>
>
Your understanding is faulty. What these entries do is to route messages
intended for the bad/questionable sites to the local computer. Remember
that 127.0.0.1 is an IP address for the local computer.
Essentially, messages intended go to the bad sites instead go to the bit
bucket. Another poster told you where you can find more information.
Jim
 
Back
Top