Today, quite often, users of social networks like VKontakte or Odnoklassniki are faced with the problem of accessing the site. The system monitors this through the HOSTS file, which is located in the C: \ Windows \ System32 \ drivers \ etc tree. Unfortunately, it is this service that is most often exposed to viruses. Let's try to figure out how to fix the situation.
What files are in the C: \ Windows \ System32 \ drivers \ etc directory, and what are they responsible for?
First, pay attention to the files located in this folder. In addition to the desired file, only four more objects should be located here. If there is anything else, you can safely say that it is a virus or something like that.
As for file functions, for example, the object C: \ Windows \ System32 \ drivers \ etc \ services and other files, including HOSTS, protocol, lmhosts and networks, are responsible for some functions of user access to certain resources on the Web.
The HOSTS file in question determines the correspondence of the database of domain names to IP addresses. In addition, its use involves accelerating user access to the most frequently visited pages on the Internet bypassing DNS servers, as well as blocking some unwanted resources or banner links. By default, in addition to the descriptive text part, it contains one single record of interest to us at the end of the text, namely: 127.0.0.1 localhost. All! There should not be any additional entries in it.
Checking the IP address of sites
If we talk about an example of a domain name matching the real IP address of a resource, it can be verified in a completely elementary way using the standard ping command input on the command line, after which the URL of the resource being checked is indicated after a space.
To get the IP of any resource, you need to use the following combination: ping www. (Site name). (Domain membership). For example, for the Facebook network, it will look like ping www.facebook.com. After the command is executed, the desired address and statistics of the so-called pinging will be displayed on the screen.
What to do if a file is infected with a virus?
Unfortunately, it is the C: \ Windows \ System32 \ drivers \ etc \ HOSTS file that most viruses infect. After that, when a user enters the same social network, either he is redirected to the clone site, or a message is issued with a request for payment of the entry. Let’s make a reservation right away: not a single “social” takes money for using the services of a resource. Hence the conclusion: this is a virus (sometimes artificial blocking, which is extremely rare).
If such a disaster has happened, first you should check the computer system with an anti - virus scanner. In some cases, you should not even use the antivirus installed in the system, since it has already missed the threat, and there is no guarantee that it will detect it and delete it as a result of on-demand scanning.
It’s better to run some portable utilities like Dr. Web (best of all Cure IT!) Or KVRT, which does not even require installation. But even such powerful products do not always help, and the blocking of access to resources specified in the file C: \ Windows \ System32 \ drivers \ etc \ HOSTS remains and continues to work. Let's see how you can get rid of it.
Manual file text correction
First, go to the C: \ Windows \ System32 \ drivers \ etc directory itself, after which we select our file and right-click on the menu with the "Open with ..." command (initially, the system file itself will not open by double-clicking, because it does not have an extension) . Now, from the list of available programs, select the standard Notepad and look at the contents of the text.
Typically, an infected file may contain entries like 127.0.0.1, followed by the addresses of the resources of the same “social networks” (for example, 127.0.0.1 odnoklassniki.ru). This is the first sign that they are produced as a result of malicious code. It turns out that the control elements of the system, referring to the HOSTS file, constantly block the site when trying to access it.
The simplest correction method is to delete all content when you paste the original text further (you can take it from another computer or find it on the Internet). After that, you just need to save the changes (Ctrl + S) and reboot the computer terminal. You can, of course, try to replace the file you are looking for with the original one, but the system is unlikely to allow this, even if you have administrator rights. In addition, this option works in about 20-30% of cases.
Problems with HOSTS hidden file and lmhosts.sam object
The problem can often be more serious. The fact is that sometimes when you enter the C: \ Windows \ System32 \ drivers \ etc directory, the HOSTS file we need is visually missing.
First, in the "Explorer" you should use the service menu, and then select the folder options where the option to show hidden objects (files and folders) is used. In addition, you need to remove the "birds" from the hiding lines of protected system files and extensions for registered types. Now our file is visible.
However, real problems begin here. The fact is that when you try to edit or save the system displays a message that the file C: \ Windows \ System32 \ drivers \ etc \ HOSTS is not writable. What to do in this case?
We apply drastic measures - delete the HOSTS file, preferably from the "Recycle Bin". Quickly remove it, bypassing the "Basket", you can use the combination Shift + Del. Then we right-click on the free space of the window and select the command to create a new text file and call it hosts or HOSTS without the extension, as you like, it does not matter. We agree with the warning of the system regarding changing the extension and proceed to editing. As already clear, the steps further are similar to the previous option - just insert the original content and save the newly created document. After that, delete the lmhosts.sam file (it affects the performance of the desired host file), and then again reboot the system.
This option will restore access to your favorite sites that were previously blocked. By the way, this method works almost always.
Instead of an afterword
As can be seen from the above, it is possible to fix the problem with blocking Internet resources quite simply, without even having any special knowledge and skills for this. However, before proceeding with editing the HOSTS system object, you should make sure that the standard scan with antivirus software did not work. Some users try to use utilities like Microsoft Fix It. Please note that if there is a virus in the system, the files will be infected again, and corrections will be made only for a while.