Marc - I'm not sure that you are understanding what's happening in your
hosts file correctly.
The hosts file is, in fact, a single text file, which you can edit with
notepad if you wish.
It has a single line in it for a given host--of the form ip address host,
usually with a tab in between so you get a nice neat list.
The original purpose of the hosts file was name resolution--it is tried
FIRST in an attempt to reach a given host.
However, this mechanism has been used more recently for a completely
different purpose--to PREVENT reaching a given host.
If you are seeing a long list of items starting with 127.0.0.1 and ending
with the name of some site that you are pretty sure you shouldn't be going
near--you are seeing the result of using some other antispyware
program--perhaps Spybot Search & Destroy, on your system.
If you have a line that says 127.0.0.1 egg.foo.com--this works as follows:
You type egg.foo.com into your browser, or it is part of an innocent looking
link that you click on, and the hosts file redirects that access to your own
machine--and nothing happens. You can't go there.
So--these lines are meant to be Good--to be protective.
The file can and is being used in the opposite way as well: A number of
viruses plug the sites of major antivirus vendors into the hosts file to
prevent the user from updating their definitions, or getting help via an
online scan.
Additionally, there are some helpful folks around the 'net who publish hosts
files which you can import into your own file to keep safe. There are at
least 3 or four of these files which include this line:
127.0.0.1 spynet.com
Spynet.com happens to be where Microsoft Antispyware gets its definitions.
So if you've loaded one of these helpful files into your system, you won't
be able to get new definitions.
Fortunately, these are fairly out of the way sites--not the main ones that
folks go to for this information.
So--the hosts file is a two-edged sword. If you have hundreds of entries,
how do you spot whether
www.symantec.com is in there along with egg.foo.com?
So---some of us here prefer to keep the hosts file empty--one entry
(127.0.0.1 localhost)--so that we can see what is happening in it.
The hosts file lives in c:\windows\system32\drivers\etc\hosts on many
systems. It can be edited with notepad, and mine looks like this:
-------------------------------
# Copyright (c) 1993-1999 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
-----------------------------
The pound sign starts a comment.
This is a stock default hosts file and is all that is needed--in fact, just
the final line is all that is needed.
On larger corporate networks, there may well be real entries in the hosts
file that are important to the function of the network--but this isn't true
for the average home user.
