In your article on the Sasser worm you mentioned that a person
could check \windows\system32\drivers\etc\hosts and see what was posted in
there. I have around a hundred entries. Almost all of which is Ad/Ware or
SpyWare sites. I use several AdWare / SpyWare removers. Should this list of
offenders be removed from the hosts file? Should I delete them and resave the
cleaned hosts file?
could check \windows\system32\drivers\etc\hosts and see what was posted in
there. I have around a hundred entries. Almost all of which is Ad/Ware or
SpyWare sites. I use several AdWare / SpyWare removers. Should this list of
offenders be removed from the hosts file? Should I delete them and resave the
cleaned hosts file?
The “hosts” file is a common target of spyware, because it’s a way to force
your computer to bypass DNS, and re-route web addresses, or block them
entirely.
But it’s also a useful tool for other purposes as well. So how to know
what’s what?
Become a Patron of Ask Leo! and go ad-free!
In this case, without seeing the entries, it’s hard to say.
The good news, unless you actually did something to your hosts file
yourself, chances are the only entries there are the result of spyware.
I would:
