127.0.0.1 localhost
the local host loopback must be the first "visible" line in the file
after that, you can redirect other URL's to 127.0.0.1, which is redirected to the local host
as for the admin account - yes - it is vulnerable
i place my hosts file in another location, then copy it over there with a batch file
in fact, i have it split in two
i can use just the first half, which only redirects known virus payload URL's
or, i can use both halves, which also redirects many advertising URL's