About F5 in TDS-3, and the old dcsresearch site

Discussion in 'Trojan Defence Suite' started by Snook, Apr 30, 2004.

Thread Status:
Not open for further replies.
  1. Snook

    Snook Registered Member

    Joined:
    Jun 19, 2003
    Posts:
    182
    "...For that reason there is this little trick:
    Put the following line in your HOSTS file (if that line isn't already there):

    64.91.255.87 www.dcsresearch.com"



    In response to subject sticky post, how exactly is this trick performed?

    Which folder/directory/.ini file do we insert this line (64.91.255.87 www.dcsresearch.com)?

    Licensed TDS3/Port Explorer/ProcessGuard Operator
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Snook,
    In the Windows directory is a file named HOSTS
    It can be in several locations on the different windows versions, but it is always HOSTS (not Hosts.sam !)
    Find this file, open in your wordpad or notepad and add that one line to it, save and close.
    Now maybe immediately or maybe after a reboot that line is used and F5 in TDS should bring you to the proper place again.
     
  3. FanJ

    FanJ Guest

    A little explanation about HOSTS:

    The internet doesn't "know" url's (for example www.diamondcs.com.au ) but only IP-addresses like 64.91.255.87
    So when you type an url in your browser that url needs to be "translated" to an IP-address.
    The first thing Windows does, is to look in your HOSTS file to see whether there is a line in it with that url in it.
    If there is not such a line, then there will be made a connection to the DNS-server of your provider to try to get the IP-address.
    If there is such a line in it, then there is no need to look further for the IP-address.

    Your Hosts file has lines in it, each of them beginning with an IP-address and ending with the corresponding url.
    There are two ways to use this:

    1.
    Include an url with its IP-address.
    Then you don't need the info from a DNS-server to go to that url.
    For example:
    64.91.226.241 www.wilderssecurity.com

    2.
    A trick to block certain sites.
    Now the IP-address is 127.0.0.1
    This is always your own computer.
    So when there is a line in your HOSTS file with a certain URL and IP-address 127.0.0.1 then your computer will never be able to make contact with that site.
    This trick is used by, for example, the HOSTS-file of HPGuru.
    It contains a long list of "nasty" sites.
    Using that HOSTS file will block connections to such sites.

    3.
    Now the trick about which we are talking in this thread:
    The line in HOSTS:
    64.91.255.87 www.dcsresearch.com
    That is not the right IP-address of that site.
    It is the IP-address of the DiamondCS site.
    The url www.dcsresearch.com is hard coded in TDS-3.
    By including that line in your HOSTS-file, you will "fool" your browser:
    you will go to that IP-address (which is the DiamondCS site) and not to that dcsresearch-site ;)



    Jooske answered that one :)
     
  4. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    I have just checked my Host files (XP) and do not have one for dcsresearch listed o_O Do I add this to my host file which just has 127.0.0.1 if so do I just add it when I open the file with notepad even thoguh it is not there?

    I think I may have removed this when running HJT as I didn't know what dcsresearch was at the time :oops:
     
  5. Fraha

    Fraha Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    189
    Location:
    The Hague - Netherlands
    I use the big HOSTS file here and asked myself if there is a regular update somewhere?
    I guess there are bad sites popping up every day!

    Where is a good and reliable HOSTS file for download?

    Or does Spybot S&D update this file too? Never seen any mention of this....

    Regards

    Frans
     
  6. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
  7. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Robyn, just add that line (in HOSTS)
    64.91.226.241 www.wilderssecurity.com
    More people might have removed it :)
    Better be there so you come in the right place.
    You can add more nice names there like
    127.0.0.1 www.robynscorner.info (after you made sure it doesn't exist elsewhere) or if you would have a permanent IP address like many DSL users have use that IP address instead with your phantasyname.
    Typing that phantasyURL is nice for testing purposes among others.
    Maybe you can create a folder robynscorner with a file you save as www.robynscorner.info/main.html or such a thing and play around to see if you via your browser can get to it etc.
    So much is possible with your HOSTS file, fortunately Jan is one who knows a lot about it to tell you :)
    I have such extra lines and in my Port Explorer i see the difference between connections with my public IP or the local hosts on 127.0.0.1 and 0.0.0.0 just by giving them a name.
     
  8. FanJ

    FanJ Guest

    Hi Robyn,

    Do you have a HOSTS file (one without ANY extension) on your system?
    As Jooske said: we are talking here about the HOSTS file without any extension.

    Start NotePad or WordPad, browse to your HOSTS file, open it.
    Now simply add this line:
    64.91.255.87 www.dcsresearch.com
    Save and close wordpad/notepad.

    As you said: indeed it could be that that line was removed by HJT (I have to leave that topic to the HJT-experts Derek and Pieter).

    A few other notes:

    1.
    Somewhere in June/July 2003 DiamondCS published the final release of TDS-3.
    This final version puts that line in your HOSTS file:
    64.91.255.87 www.dcsresearch.com

    2.
    Once again I would advice every user of TDS-3 to put his/her HOSTS file in the file crcfiles.txt
    By doing this, the CRC32-test of TDS-3 will warn you in case your HOSTS has been changed.
    If you use FileChecker from Javacool: do the same, meaning: include HOSTS to the list of files that FileChecker will watch for you.
    Why is this so important:
    More and more "nasty" scrapware will try to change your HOSTS file; making it almost impossible for you to go to several sites (for example this Wilders-forum).

    3.
    See for example also this thread:
    Protecting your HOSTS file

    4.
    Big HOSTS files:

    In the past Steve Martin maintained a very nice Hosts file (SMartins Hosts file); used by many folks ;)
    Alas, his Hosts file is no longer maintained:
    http://www.smartin-designs.com/

    There are other Hosts files which are frequently updated:
    Hpguru
    MVPS

    5.
    Using a big Hosts file could slow things down on Windows 2000/XP.
    Some comments about that by hpguru here at DSLR
    - begin quote -
    It could but there are a few things you can do about that.

    First of all if you are running Win2k or XP, disable the DNS Client service. If it is running and you install a large hosts it will attempt to cache it resulting in a huge slowdown.

    Irregardless of whose hosts file you use, running eDexter will make Hosts blocking a lot more snappy. When your browser attempts to connect to a site blocked in hosts it will timeout after a few seconds or minutes because there is no server at 127.0.0.1 to respond to the request. However if eDexter is running (listening on 127.0.0.1:80) it will respond immediately by serving a tiny transparent gif which speeds up page loads considerably. All hosts file users should use eDexter. It's tiny (~512K VM) and it can be configured to run hidden from the desktop so it doesn't get in your way. You can also configure it to generate a log to gauge the effectiveness of different hosts files across many sites.

    www.pyrenean.com/
    - end quotes -
     
  9. FanJ

    FanJ Guest

    ;) Thanks Jooske !

    I know that there are a lot of people who know more than I do ! ;)
     
  10. Snook

    Snook Registered Member

    Joined:
    Jun 19, 2003
    Posts:
    182
    Thanks all for the quick response and solution. :)
     
  11. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Thank you for the detailed information which I am going to print out and follow. I had to rush out after I posted the question but will follow the instructions now, hopefully I will have my Host file in order soon!

    I have just tried to add this to the Host file found in System32 Drivers etc but it will not let me save it within the file o_O it will only save as a .txt o_O The only other Host I have in there is 127.0.0.1 Local host.
    I think I need to go through all of this again when I have worked out how why this will not work for me now :doubt:

    Just discovered the host file I have found is only a sample one and is read only which is why I cannot edit it. I am totally unsure how to create one now as this is very new to me o_O I have looked at the links and understand the reason behind having a Host file to edit but do not know what to do next :oops:
     
    Last edited: May 1, 2004
  12. Fraha

    Fraha Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    189
    Location:
    The Hague - Netherlands
    The easiest way to add a big HOSTS list is to add the file via Spybot S&D in the tools section.

    The program is great and so are these util's

    Frans
     
  13. FanJ

    FanJ Guest

    Hi Frans,

    I use Hostess from Ray Marron to maintain my Hosts file:
    http://accs-net.com/hostess/
     
  14. FanJ

    FanJ Guest

    I have to admit that I myself don't use eDexter (I'm on W 98 SE)....
     
  15. FanJ

    FanJ Guest


    Hi Robyn,

    I could say a bit about your questions, but -due to the fact that I use W 98 SE- I could make a mistake for those on XP :oops:
    So I will ask someone else to jump in here and give you advise ;)
     
  16. Snook

    Snook Registered Member

    Joined:
    Jun 19, 2003
    Posts:
    182
    Again, thanks! I'm F-5'vn like never before!
     
  17. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Robyn, when you do a search on your system, do you have a HOSTS at all?
    Spelled exactly that way in capitals, and no further extension, just HOSTS
    Not sure if it disappeared if you can create one just like that again wherever it needs to be. Like said before, not to be confused with Hosts.sam as that is only a sample/example file.

    You can also use the attached Forums.ss3 script (rename it back without the TXT extension i had to add to be able to attach it here) in this message
    https://www.wilderssecurity.com/showpost.php?p=117175&postcount=8
    It gives buttons to jump to Wilders, DCS and DSLR forums and has your jukebox included for some real vitamins during the job.
     
  18. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    :) Thanks Jookse and Fran, I have found out that my Host file was locked by one of my security layers and had 'read only' attribute. I changed this property and have added dcsresearch and also the Wilders IP etc hit F5 and I can now access the DiamondCS private forum as shown :)

    I now know I can add to my Host file and will endeavour to learn even more about this now. I will follow the instrucions about adding this to CR32-test in TDS and also look at the Forums.ss3 script Jookse has just suggested, thank you.

    I have learned such a lot in this little section of this forum and hope I will be able to fufill the rest of the instructions now.
     
  19. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Hi Jookse, I have save the script file and can run it and 3 pages open to the 3 forums however I cannot get the tabs to work in the duke box to take me there, the 3 forums just open on 3 separate explorer pages (this may be because I have my broswer set to open new window for each search o_O )

    I will try the duke box tabs again to see if it is something I am doing incorrectly.

    I would really appreciate it if you would tell me how to add the lovely picture to the form, I have saved it but do not know how to add this :oops:
     
  20. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Here is the image i alsways use for it, rather romatic, isn't it?
    Save it as forums.jpg in your Cokemachine folder (exact so without capitals).
    Does the jukebox not open a selection window for you? music files in your c:\ or other place? Put one or two in the c:\ and see if it plays them. On my system they need to be there in the root to be played that way, others see just their windows media player open so they can press a playlist etc.
    Might be fiddling a bit with pathnames maybe.
     

    Attached Files:

    Last edited: May 2, 2004
  21. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    I think it is me not being able to do this properly :oops: When I run your forum script the little Juke box appears with the tabs along the bottom but the main panel is grey. The tabs do not work for me but I have 3 browser windows with each of the forums opened up automatically. It may be the way my system is set up and I do remember about having to copy a music file to C: when starting to use scripts. I will find this post again to see if it helps me this time.
    Don't worry it is not your instructons just me being very cautious about changing path names etc :oops:
    The picture is really nice :) I will have to find out how to do this now, thank you for uploading the picture.

    I must have cleaned up my computer too much as I don't have the cokemachine.ssc in any folders!
     
    Last edited: May 2, 2004
  22. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    When you started scripting, i told you to download the scripts.zip from the DiamondCS TDS download page, have it in your TDS\scripts folder and create manually yourself in Scripts a new folder CokeMachine in which you put all files and images i post related to SS3 scripts.
    It's exactly CokeMachine , no space, no other extension just like that. So also if you get from Andreas' ftp site i posted somewhere in another thread unzip my cokemachine script in that same folder.
    You can put the scripts in any folder you like, but then you have to edit the pathnames in all scripts each time to have all scripts parts and images i use each time again together.

    BTW: the forums script is created to open a new instance of Internet Explorer at each buttonclick so you can look in three forums at a time and jump from the one to the other while it might be handy to look up in the one what is used in the other, etc.
     
    Last edited: May 2, 2004
  23. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Hi Jookse just to let you know I have located the cokemachine again and will be doing as you have instructed (if not tonight tomorrow as I have to go to the computer rescue for a friend) I want to have time to do this properly but did not want you to think I wasn't replying.
     
  24. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Ah, great you have it back :)
    So now helping friends already? that is great! Show your friend the forum too, so we can work together if necessary! I'm sure you like to show your new learned tricks there too! Good luck there!
    Thanks for telling: true, when you're in a brainwave for helping in a problem it's good to have feedback as we can look on for further solutions if necessary, while the person in need for support remembers best which steps have been taken, while in cases with infection further infection might be prevented and further damage if we try to work as fast as possible. And it would not be nice if a person is overlooked and stays with the request for further help. It is not all unthinkable, now the forum is getting more busy by the hour almost! Our learning experience in high gear these days!
     
  25. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Hi Jookse just to let you know I have been able to play music with my Jukebox when I placed the music file in my Windows folder as you advised.

    Thanks for confirming the 3 page opening of the forums. I am trying to work out about the nice .jpg image but not to worry I will play about and see what I can do with this I have placed it in my Cokemachine folder.
    Thanks for your help again and much better you start to help users who have program problems or infections. I just wanted to post and let you know I played a some lovely classical music to keep me calm ;)

    I will no doubt have my friend convinced that she needs TDS for the most important task of Trojan detection, she can then learn the little scripting 'fun' side of TDS :) especially now that I have helped her to set up and secure her new XP computer.
     
Thread Status:
Not open for further replies.