Hosts file
List of addresses of known computers
The hosts file is a list of the IP addresses of known, and usually trusted, systems. Its intention is to save on bandwidth by removing the need for repeated DNS lookups for commonly contacted hosts.
The hosts file can be used as a security measure, for example by adding the addresses of known insecure or advertising sites; thus when a site attempts to load advertising from an affiliate it will be directed to a non-existent site.
However, malware often takes advantage of this by adding lists of useful places such as security companies, pointing any attempt to connect to them at a spurious address, usually 127.0.0.1, the address of the local system. The result of this is that any attempt to browse to these addresses for information and advice will fail, and in many cases security software will be unable to update itself. Many anti-malware products will detect such changes to the hosts file as a sign of a compromised system.
