What should I do if the hosts file in the windows system is hijacked?

The hosts file is hijacked, the Internet will be abnormal, the normal website will not open, and the bad website will be opened.

1. The hosts file is a file with no extension. The usual path is in the C:\\Windows\\system32\\drivers\\etc\\ folder.

The purpose of this file is to speed up domain name resolution, especially for frequently visited websites. Users can configure domain name and IP mapping in Hosts to improve the speed of domain name resolution. Because of the mapping relationship, the input domain computer can quickly resolve the IP without requesting a DNS server on the network. This shows that the hosts permission is higher than the DNS server resolution. For this reason, it is often used by viruses, Trojans, and bad programs.

2, blocking websites (domain name redirection):

There are many websites that install various plugins into computers without the user's consent, some of which are Trojans or virus. For these websites, you can use the permissions of the Hosts file to map the domain name of the website to the wrong IP or the IP of the local computer, so you don't have to visit the bad website. In the WINDOWS system, the agreement 127.0.0.1 is the IP address of the local computer, and 0.0.0.0 is the wrong IP address. The picture below is a hijacked hosts file.

3. If, in Hosts, write the following:

127.0.0.1 #Website to be blocked A

0.0.0.0 # To block Website B

This way, when the computer resolves the domain names A and B, it resolves to the local IP or the wrong IP, and achieves the purpose of blocking websites A and B. The figure below is the modified hosts file (blocking bad sites).

4, because the hosts file is a hidden file, if you can not find, you can display the system file, the steps are:

Start → Control Panel → Folder Options →View → Remove the checkmark before [Hide Protected Operating System Files], select [Hide Files and Folders] → [Show all files and folders] → OK

5, different operating systems, the location of the hosts may be different. You can create a batch file and double-click it to open the hosts file and process it, which is convenient. The steps are: use the right mouse button to click on the blank space of the desktop, in the pop-up menu, click New → text document

6, copy (Ctrl+C) the following command, paste it ( Ctrl+V) in the newly created notebook. Notepad "%SystemRoot%\\system32\\drivers\\etc\\hosts"ipconfig /flushdnsexit

7, file → save as: hosts.bat → save

8, when you need to view, double-click this batch file to view (garbled because it has Chinese).

9, if the hosts file is hijacked, you can empty all the contents of the file, and then paste a sentence: 127.0.0.1 localhost can be saved as a hidden file.