Protect a PC with the HOSTS file

[darkness]

Firstly, If you have Spybot - Search & Destroy your hosts file will already have entries in it. Do not change anything. You are already protected

The hosts file is a plain-text file and is traditionally named hosts, and is most often located at the path /etc/hosts. It contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local (your) machine.

The best bit about it is that you can also use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supplies these little gems.

Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. Why? ... because in certain cases "Ad Servers" like Doubleclick (and many others) will try to open a separate connection on the webpage you are viewing.

Protect yourself using the host file. All the information is located on this website http://www.mvps.org/winhelp2002/hosts.htm . The host file is updated about once a month.

As with everything be careful.

[darkness]

If anyone has got anything to add please feel free to do so.

[BurrWalnut]

Here are a few more details to add to Darkness's post:

In XP, Vista and 7, it is normally located at C:\Windows\System32\Drivers\etc\ If it is not there, look at this registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\DataBasePath for its location.

In essence, the 127.0.0.1 at the beginning of each line stops access to the website listed alongside it, so if there are entries like 127.0.0.1 coolwebsearch.com, don’t remove them as they help to protect the system from malware sites. However, if you see entries with known names like webuser.co.uk or ibm.com you should remove them, as malware is trying to block access to them (127.0.0.1) or redirect them (n.n.n.n) to another website.

So:
127.0.0.1 NastySite.co.uk is a good entry
127.0.0.1 webuser.co.uk is a baddie
123.4.5.6 webuser.co.uk is a baddie

When attempting to make changes to it, you may be denied access as it could be read only. To make it accessible, right-click it > Properties and remove the Read-only attribute. Now make a backup copy of it before making changes.

You can delete all the entries but leave the line 127.0.0.1 localhost. Comment lines can be recognised by beginning with #. When saving it, make sure you select Save As without an extension, otherwise it will be given a .txt extension.

[darkness]

Thank you BurrWalnut

A much appreciated addition to this post

[ourstanley]

Better still IMHO is to install a hosts manager program such as HostsMan 3.1.57 which will not only add to your hosts file the current 'baddies' but will also allow you to edit, either by adding or deleting your own personal entries.
BTW the MVPS HOSTS file was updated yesterday. Thanks roddy32