"Host File Hijacking by Malware Some malware tries to use the hosts file by altering it so that some well-known addresses are directed to the wrong place. Thus, instead of going to microsoft.com, you might end up on a cleverly faked phishing site. A number of programs will warn you if something tries to alter your hosts file. I like WinPatrol. It has many other functions as well. References mvps.org Host files FAQ Castle Cops Wikipedia Download MVPS Hosts file Gorilla Design version of Hosts Spyware entries in Hosts file Ad-blocking hosts file Blocking sites with the Hosts file WinPatrol " Clint Hamilton-PCWorks Admin wrote: > Interesting you mention a Wiki URL, here's where it talks about > malware modifying the hosts file: > http://wiki.lunarsoft.net/wiki/Blocking_Malware_and_Advertisements_Safely > So it is indeed "possible", but I don't see the point of it > because why would malware want to PREVENT you from getting > online? Unless it's just "annoying" malware, because if you > can't get online to websites, then the malware can't exploit > the PC. It's just not "lucrative" for malware to have that > kind of agenda, but that of course doesn't mean it doesn't > exist, it just doesn't make sense.....but then again a lot of > malware doesn't make sense. ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-