I have a few questions for you wise men and women on this forum. Thank you in advance for your advice.
(1) As many of you, I use the MVPS Host File. I've never viewed the list before and noticed "0.0.0.0" before every address (as shown below). I would have thought this should be the site's IP address. I'm probably wrong, am I?
# [start of entries generated by MVPS HOSTS]
#
# [Misc A - Z]
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
(2) I did a scan with Reason Core Security and it found "Host.Hjack" (notice no "i" between the H and J) which it classified as a high threat. The description stated that my host file was corrupt and this file needed to be removed immediately. I searched online but could find nothing regarding Host.Hjack. I removed it into quarantine within the program. My concern is that if all this is legit, then how would this have happened - would that mean the MPVS Host file update was corrupt?
(3) I use HostsMan to manage the host file but it's not working correctly. The update button is not active and also I can't access the area where I can turn off DNS. I updated Hostman to the latest version, but still the same issues. Is anyone having the same problem?
the 0.0.0.0 is the 'new' way (Since Win7 or 8) of saying 'home'.
it used to be 127.0.0.1 and basically is your PC.
So 0.0.0.0 fr.a2dfp.net is telling Windows if it ever sees that web site name to redirect all traffic to ‘home’ instead effectively stopping access to that site.
that's how sites that get redirected work.
if HOSTS had an entry like 204.79.137.200 www.google.com and 204.79.137.200 was a Bing, then every time you tried to go to Google, you'd be redirected to Bing instead.
Thank you so much mta, I really appreciate your prompt reply. I will try HostsXpert.
Edit:
Just downloaded HostsXpert, seems good, thanks! I noticed that my DNS is running, should that be off and if so, how should I do that? Also, what is the best way to update MVPS with HostsXpert?
Any comment regarding:
I did a scan with Reason Core Security and it found "Host.Hjack" (notice no "i" between the H and J) which it classified as a high threat. The description stated that my host file was corrupt and this file needed to be removed immediately. I searched online but could find nothing regarding Host.Hjack. I removed it into quarantine within the program. My concern is that if all this is legit, then how would this have happened - would that mean the MPVS Host file update was corrupt?
my HOSTS update process is to download the ZIP file from their site, extract all contents, then in HostsXpert, Import options, Replace Hosts file, browse to where I extracted the HOSTS file, double click said HOSTS file, answer OK to the prompt to replace your hosts file.
in the Tools section of HostsXpert, don't stress too much about the DNS Service being ON.
one school of thought is you're better protected with it off but the downside is your web surfing performance suffers. (I think that was it - it's been way too long since I was interested in all this at any great depth)
i think it will classified non-default hosts file as Host.Hjack
Many different security tools will deem the HOSTS file as hijacked or infected if it has anything in it that's different from a standard Windows installation, i.e.; the default HOSTS file installed by Windows - even if you're using a legit HOSTS file like the one from MVPS and even if you yourself did the modification. I'm actually surprised Malwarebytes doesn't go ballistic over a non-standard HOSTS file but it's never triggered an alert about mine in the many years I've used it.
Some security tools will just replace it with the Windows standard one without even notifying you about it, so a simple antivirus scan with some tool could actually make your system susceptible to malware by removing legitimate sites to block from your HOSTS (the no longer updated Norman Malware Cleaner instantly comes to mind).
That's why if I use any security software that sets off alarms about a hijacked HOSTS file I turn that detection off in the security software, due to me constantly adding sites to block into the HOSTS file.
Edit:
In my opinion the no longer updated HostsXpert is better than HostsMan. HostsMan never really quite worked well on my system and I always hated how it would format the HOSTS file making it damn near unreadable. Also HostsXpert works from Windows XP all the way up to Windows 10, works flawless in Windows 10 to be exact.