Windows Defender & HOSTS file editting

[tomcatuk]

So a site I'm using generates pop-ups in such a way that foils the pop-up blocker in Internet Explorer. I don't want to install dozens of pop-up blocking software packages, because some of the sites I visit use pop-ups and I'm not about to instruct 10 different programs as to which sites I want pop-ups enabled for.

So I think, modify the HOSTS file and filter out some of the crap.

Trouble is, I'm running Windows Defender (the free anti spyware package from the big M) and it doesn't seem to want to let me modify the HOSTS file. Every time I try I get a warning from it about a possible hijack. Obviously I'm fully aware the HOSTS file is being modified as I'm the culprit! So I click "Ignore" to the message from Windows Defender.

The problem is, I go back to look and Windows Defender seems to have removed the new entry in the HOSTS file regardless!

So......can I modify this behaviour of Windows Defender? Should I just ditch it and trust myself to use the computer properly? My kids also use it from time to time, so anti spyware is kinda important

[Andromeda43]

You're kind of on the right track, although possibly making some incorrect assumptions.

The best thing you can do to protect yourself and your child from being redirected to bad web sites is the Custom Hosts file from Mike Burgess. Here's his eMail message, sent out every two weeks.

************************************

The MVPS HOSTS file was updated [08-25-06]

http://www.mvps.org/winhelp2002/hosts.htm

Download: hosts.zip (121 kb)

http://www.mvps.org/winhelp2002/hosts.zip

How To: Download and Extract the HOSTS file

http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File - Frequently Asked Questions

http://www.mvps.org/winhelp2002/hostsfaq.htm

Note: the "text" version makes a great resource

for determining possible culprits ... (493 kb)

http://www.mvps.org/winhelp2002/hosts.txt

Sign up for HOSTS file update notices

http://www.mvps.org/winhelp2002/hosts.htm#contribute

Mike Burgess

Microsoft MVP

"There's no place like 127.0.0.1"

****************************************

Mike writes a very inclusive Custom Hosts File, which I and thousands of other people use every day.

It gets updated every two weeks, or sometimes more often and you can sign up to receive an eMail every time a new update is posted.

If it blocks a site that you absolutely MUST get to,,,,you can always edit out that line in the file. No problemo.

I use it, and I also use Defender (although I'm not quite sure why. ) and the two do not affect each other.

The next thing you might well consider is to STOP using the most UNSafe browser on the planet.

I.E. has more holes in it than a screen door.

I and 200+ million other users gave up on I.E. a long time ago and went to Mozilla Firefox. It has a great little popup blocker.

Something to consider.......right?

Andromeda43 ( a Computer Security Specialist) B)

Edited September 8, 2006 by Andromeda43

[LLXX]

So a site I'm using generates pop-ups in such a way that foils the pop-up blocker in Internet Explorer. I don't want to install dozens of pop-up blocking software packages, because some of the sites I visit use pop-ups and I'm not about to instruct 10 different programs as to which sites I want pop-ups enabled for.

Pop-up blockers are all useless IMHO - you can achieve the same effect by disabling all scripting/ActiveX in the Internet zone, then enable it only for the Trusted Sites zone. Add sites which absolutely require scripting to that zone, and you'll never have any problems with popups and malware again.

If scripting is still enabled, even with most popup blockers I can still force a popup with some obfuscated script, which I believe the site you're using is doing.

Redirected the site to 0.0.0.0 in HOSTS will not stop the popups from appearing, they will still occur but instead of their usual content they'll contain error messages instead.

...and with the secured IE setup I suggested above, you won't even need Windows Defender

Edited September 8, 2006 by LLXX

[Tarun]

SpywareBlaster would be a great start. Also, using Spybot you can Immunize the system.

[Andromeda43]

A "Total Package" that I make available to all my hundreds of customers includes, but is NOT limited to:

Mozilla Firefox, as the primary Browser, blocks popups and doesn't have the inherited security problems that I.E. has.

I.E. is actually a part of Windows and is still there if you ever really need it, like for Windows Updates.

AdAware SE/personal, Spybot S&D and Spyware Blaster as Spyware preventers and removers,

(all, must be constantly kept up to date for maximum effectiveness. Daily, if at all possible)

Mike Burgess's custom hosts file, for additional bad site blocking

(a must-have addition to PC's operated by children)

It prevents you from being redirected from a good site to a bad one, or being on a good site and getting a box ad or banner leading you to a bad site.

I have no children in my home, but I still use it.

Good Luck and Happy Computing

Andromeda43 B)