Re: [PCWorks] A tip for stopping annoying harassing "slide-ups" (a kind of pop-up) immune to pop-up blockers
- From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
- To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
- Date: Mon, 24 Nov 2008 01:16:32 -0600
1. Like I said to John:
But at any rate, it's not a waste of time because of course not
every kind will do this, only rare forms of malware will, so if
it's read-only it's still going to be MUCH safer. It's logical
to leave it read-only so it will be a safe as possible.
2. I can and never will recommend to anyone to not use a
firewall. Especially for newbies. They can literally save
your butt! Sure some of them can sometimes be confusing and
complicated, but that just depends on which one you use, and
like most things on your PC, you simply must LEARN about it!
We all have "a personal obligation to ourselves" to use one and
learn about it. Even one on the basic default non-confusing
settings is better than none at all. I believe it was SP2 that
put the FW on by default.
3 & 4. No and I'm still wondering how to incorporate both.
That site you mentioned may have the answer,
http://www.abelhadigital.com/, but it seems to have many bugs
in it: "ATTENTION: This release doesn't fix many bugs that were
reported after v3.1.55, but (most of them) are fixed in the
UNstable version (3.2)."
So what I did was put a test area in my hosts file:
127.0.0.1 www.HostsFileTest.com
127.0.0.1 HostsFileTest.com
....but I'll have to wait until there's another SpyBot hosts
file update to see if that area still remains. Well this
doesn't look good and appears to certainly be a problem: what I
did for now, was undo the Immunize area, and that set the hosts
file back to default, empty. I then enabled it again and what
I added was gone! So much for that. I would think the same
problem will happen with new SpyBot updates. My hosts file now
is only 9974 lines long, and yesterday it was 9986! So it
would also seem that SpyBot screwed something up and didn't
even able all of ITS OWN hosts file additions like they were!
Because on this particular format, I had not yet added that
many new entries (12) to my hosts file. I'm glad you mentioned
that about SB updates possibly deleting custom entries. The
answer seems to be "yes". So we're going to have to find a
way around this, and regarding your #6 (you had two 5's but I
changed it below in your post), adding new data to a hosts file
is going to have to wait until we can find out how to
incorporate ALL origins without them overwriting each other.
The answer could be we have to do it manually, which is a real
PITA. You'd have to make a copy of it BEFORE there's a new
SB update, then let SB update the file, then find all the
duplicates and remove them, then add them again from other
origins! At least http://www.abelhadigital.com/ may be used to
find the duplicates. But you can't download it now because
they've reached their quota!!!! And the mirror download for
the STABLE release version is the wrong link, it goes to the
BETA version! After some searching I found it here if anyone
wants it: http://www.snapfiles.com/download/dlhostsman.html
5. I asked that yesterday of Hugh I think it was, I haven't
seen a reply yet. There are no IP addresses in the hosts file,
so it must be that way for a reason, as in it's possible you
can't put them there. I just tried looking for info on this
and
can't find any.
-Clint
God Bless
Clint Hamilton, Owner
http://www.OrpheusComputing.com
http://www.ComputersCustomBuilt.com
----- Original Message -----
From: "David Grossman"
Thank you for your responses.
1. John's response confirmed one of my initial suspicions, as I
wrote in my
initial message - that malware can change the Read Only
attribute, so the
setting is of little value.
2. Hugh presented a surprising, but somewhat convincing
argument against
using a firewall. Have others had similar experiences? Is the
problem
limited to Comodo?
Actually, everybody probably DOES have a firewall installed and
turned on by
now. The weak Windows firewall was turned on by default with XP
SP1 or SP2
(I forgot which).
Hugh, do you turn off the Windows firewall for your clients, or
do you
disable it when there is a problem?
3. Clint, you asked whether there is anything wrong with having
duplicates
in the Hosts file. Did you get a response? If they will not
cause a problem
(except for possibly adding some nanoseconds for websites to
load) then we
can just add lists with addresses.
4. I'm still concerned about Spybot or other antimalware
programs deleting
the entries that I add.
5. I would like to confirm my understanding about adding IP
numbers instead
of website names to the Hosts file. Is the following summary
correct?
- Add website addresses to the Hosts file
- Add IP numbers to the Restricted Zone
6. I'd like to find out the experience of others with the
HostsMan and
Wikipedia hosts files before installing them in my computer.
Has anybody on
this group used them?
David Grossman
> -----Original Message-----
> From: pcworks-bounce@xxxxxxxxxxxxx
> [mailto:pcworks-bounce@xxxxxxxxxxxxx]On Behalf Of John
> O'Flynn
> Sent: Monday, November 24, 2008 1:25 AM
> To: pcworks@xxxxxxxxxxxxx
> Subject: Re: [PCWorks] A tip for stopping annoying harassing
> "slide-ups" (a kind of pop-up) immune to pop-up blockers
>
>
> Some people are finding HostsMan useful.
> http://www.abelhadigital.com/
> I haven't had time to check it out, but as I understand it,
> it alows you
> to combine hosts lists from various sources (eg MVPS) and
> takes care of
> duplicates.
>
> There is some good info and a list of custom hosts files
> here:
> http://en.wikipedia.org/wiki/Hosts_file
>
> I read somewhere but can't remember where, that setting the
> hosts file
> to read only is a waste of time because some of the newer
> malware can
> simply undo this setting and tamper with it.
>
> John
>
>
> ----- Original Message -----
> From: "Hugh Vandervoort" <hughv2@xxxxxxxxxxx>
> To: <pcworks@xxxxxxxxxxxxx>
> Sent: Sunday, November 23, 2008 12:23 PM
> Subject: Re: [PCWorks] A tip for stopping annoying harassing
> "slide-ups"
> (a kind of pop-up) immune to pop-up blockers
>
>
> > Here's the entry in my Hosts file:
> > # Start of entries inserted by Spybot - Search & Destroy
> > 127.0.0.1 007guard.com
> > 127.0.0.1 008i.com
> > ...
> > I Installed the MVP Hosts file first, then the S & D file
> >
> > I've installed many a firewall, and almost all my users end
> > up
> confused.
> > I know the conventional wisdom, and I, as well as many
> > others, reject
> it.
> > Just one of many examples:
> >
> > "After seeing the recommendation about Comodo, I decided to
> > try it.
> > After half a day of unsuccessfully trying to get it to play
> > nice with
> my
> > system, I finally decided to uninstall it. After the
> > uninstall,
> nothing
> > worked. No Internet connection, nothing in the Control
> > Panel would
> work,
> > Firefox would not start, Spy Sweeper hung, etc. Had to
> > resort to a
> > system restore. After doing some research, a lot of others
> > have had
> > problems as well. Just a word of caution."
> >
> > Thanks, but no thanks.
> >
> >
> > Clint Hamilton-PCWorks Admin wrote:
> > > (Regarding #1, he was talking about the Restricted Sites
> > > area,
> > > not the hosts file).
> > >
> > > Regarding #2; you can't put IP addresses in the hosts
> > > file?
> > >
> > > #6.......HUH???? I'm shocked to hear that. :-0 Whether
> > > the
> > > security is a "false sense" or not, there's no denying
> > > the fact
> > > they block a multitude of sins. I don't call that false
> > > sense
> > > of security. Without one, you have no idea when
> > > something is
> > > getting access to your PC--deleting data, stealing
> > > sensitive
> > > data, adding malware, etc.
> > >
> > > Has anyone been able to determine yet if when SpyBot
> > > updates
> > > the hosts file, it overwrites any custom entries added
> > > either
> > > by you, or by MVPS? Or does it just add the new data to
> > > the
> > > file leaving what's there intact? If the latter, then
> > > how can
> > > it do it alphabetical order?
> > > -Clint
=========================
The list's FAQ's can be seen by sending an email to
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.
To unsubscribe, subscribe, set Digest or Vacation to on or off, go to
//www.freelists.org/list/pcworks . You can also send an email to
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your
member list settings can be found at
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have
access to numerous other email options.
The list archives are located at //www.freelists.org/archives/pcworks/ .
All email posted to the list will be placed there in the event anyone needs to
look for previous posts.
-zxdjhu-
Other related posts:
