Jump to content
CCleaner Community Forums
Sign in to follow this  
razz

Question regarding Host File and also HostMan

Recommended Posts

I have a few questions for you wise men and women on this forum.  Thank you in advance for your advice.

 

(1) As many of you, I use the MVPS Host File. I've never viewed the list before and noticed "0.0.0.0" before every address (as shown below).  I would have thought this should be the site's IP address.  I'm probably wrong, am I? 

 

# [start of entries generated by MVPS HOSTS]
#
# [Misc A - Z]
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
 
(2) I did a scan with Reason Core Security and it found "Host.Hjack" (notice no "i" between the H and J) which it classified as a high threat. The description stated that my host file was corrupt and this file needed to be removed immediately.  I searched online but could find nothing regarding Host.Hjack.  I removed it into quarantine within the program.  My concern is that if all this is legit, then how would this have happened - would that mean the MPVS Host file update was corrupt?
 
(3) I use HostsMan to manage the host file but it's not working correctly.  The update button is not active and also I can't access the area where I can turn off DNS.  I updated Hostman to the latest version, but still the same issues.  Is anyone having the same problem?
 
I Have Windows 10.

Share this post


Link to post
Share on other sites

I use HostsXpert to import the MVPS HOSTS file.

It's not updated any more but still works fine.

 

the 0.0.0.0 is the 'new' way (Since Win7 or 8) of saying 'home'.

it used to be 127.0.0.1 and basically is your PC.
So 0.0.0.0 fr.a2dfp.net is telling Windows if it ever sees that web site name to redirect all traffic to 'home' instead effectively stopping access to that site.

 

that's how sites that get redirected work.

if HOSTS had an entry like 204.79.137.200 www.google.com  and 204.79.137.200 was a Bing, then every time you tried to go to Google, you'd be redirected to Bing instead.

Share this post


Link to post
Share on other sites

Thank you so much mta, I really appreciate your prompt reply.  I will try HostsXpert.

 

Edit:

Just downloaded HostsXpert, seems good, thanks!  I noticed that my DNS is running, should that be off and if so, how should I do that?  Also, what is the best way to update MVPS with HostsXpert?

 

Any comment regarding:

 

I did a scan with Reason Core Security and it found "Host.Hjack" (notice no "i" between the H and J) which it classified as a high threat. The description stated that my host file was corrupt and this file needed to be removed immediately.  I searched online but could find nothing regarding Host.Hjack.  I removed it into quarantine within the program.  My concern is that if all this is legit, then how would this have happened - would that mean the MPVS Host file update was corrupt?

 

Again, thank you for your time and effort.

Share this post


Link to post
Share on other sites

Host.Hjack = false +ve

i think it will classified non-default hosts file as Host.Hjack

you can try restore backup/default hosts file and redownload hosts update

check and verify hosts download link to ensure that your Hostsman not hjacked

Share this post


Link to post
Share on other sites

my HOSTS update process is to download the ZIP file from their site, extract all contents, then in HostsXpert, Import options, Replace Hosts file, browse to where I extracted the HOSTS file, double click said HOSTS file, answer OK to the prompt to replace your hosts file.

 

in the Tools section of HostsXpert, don't stress too much about the DNS Service being ON.

one school of thought is you're better protected with it off but the downside is your web surfing performance suffers.  (I think that was it - it's been way too long since I was interested in all this at any great depth) :)

Share this post


Link to post
Share on other sites

Host.Hjack = false +ve

 

That makes me feel better   :)

 

check and verify hosts download link to ensure that your Hostsman not hjacked

 

I uninstalled Hostsman and installed HostsXpert.  File looks good.

 

Thanks for your response dvdbane!

Share this post


Link to post
Share on other sites

mta, thanks again for all your advice.  I should be off to the races now   :)

Share this post


Link to post
Share on other sites

Host.Hjack = false +ve

i think it will classified non-default hosts file as Host.Hjack

 

Many different security tools will deem the HOSTS file as hijacked or infected if it has anything in it that's different from a standard Windows installation, i.e.; the default HOSTS file installed by Windows - even if you're using a legit HOSTS file like the one from MVPS and even if you yourself did the modification. I'm actually surprised Malwarebytes doesn't go ballistic over a non-standard HOSTS file but it's never triggered an alert about mine in the many years I've used it.

 

Some security tools will just replace it with the Windows standard one without even notifying you about it, so a simple antivirus scan with some tool could actually make your system susceptible to malware by removing legitimate sites to block from your HOSTS (the no longer updated Norman Malware Cleaner instantly comes to mind).

 

That's why if I use any security software that sets off alarms about a hijacked HOSTS file I turn that detection off in the security software, due to me constantly adding sites to block into the HOSTS file.

 

Edit:

In my opinion the no longer updated HostsXpert is better than HostsMan. HostsMan never really quite worked well on my system and I always hated how it would format the HOSTS file making it damn near unreadable. Also HostsXpert works from Windows XP all the way up to Windows 10, works flawless in Windows 10 to be exact.

Edited by Andavari

Share this post


Link to post
Share on other sites

Andavari, thanks for all your input.  It's greatly appreciated as always!

 

I agree with you and dvdbane about the detection being a false positive.  I also agree that HostsXpert seems better than HostMan.

 

Thanks to you both (and mta) I now sleep soundly   :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...