removed by prevx in hosts file

hmmmm.......i use hosts file to block ads......prevx flagged a site....asked to fix ..the browser was shut down and a pop up came hosts have been cleared/cleaned or whatever ...then my hosts file look like this

 

This is done when Prevx detects a website you're visiting is being redirected by the hosts file. There isn't a great way around this at the moment other than just clicking 'Allow' on the website - the goal of this feature is to specifically block exactly what you're doing (from a malicious program, of course) but if users legitimately redirect websites, it can indeed have "false positives" like this.

 

Why don't you make it protect the hosts file in a different manner? Like give a warning when something is trying to write to the hosts file, and then the user allows or blocks. An informed alert should be given, stating that the hosts file poses risk, and if the user is not sure then block it.

It sure is a much better solution than the current one. Otherwise, it is doing a much better job than malware. Sure, not redirecting, but disabling every entry.

 

I have to agree with m00nbl00d

Removing ALL the entries in the HOSTS file is absurd

Not your fault PrevxHelp i know but this really does need to be sorted, soon.

 

just a stupid thought but, what if you set your current host file to read only.

 

Not stupid at all and i'd thought about it too, which is another reason why it's not stupid

I mentioned read only HOSTS to PH before in a thread, and he said ( paraphrasing ) there are ways around it so don't rely on it. Maybe they use these methods ?

 

thanks, I did set all my attributes to read only for it. Will see what happens.

 

We will be adding this functionality in place Just changing the attributes to Read Only isn't enough, however - the protection will be taking place from kernelmode.

Well, at the moment the warning is saying that it detected a hosts file redirection and then prompts you with a 'Fix' button which will then go through and fix the hosts file entries. The user is given control over this (we don't automatically go through and modify the hosts file) but be sure you click 'Allow' when you receive the prompt and you won't have any issue here when you're legitimately redirecting websites.

 

I see. Still, my solution is less confusing, and at least it will let the user know what to do, because nothing should be messing with the hosts file (anything) without their permission, and if SafeOnline alerts them for that, with a clear warning, then no issues will occur, I believe.

 

I agree Hosts file modifications as well as a few other system changes will be monitored in a more visible manner to the end user in v4, including straightforward messages warning the user of the change that is occurring.

 

That's great. And, I am giving emphasis to the "straightforward messages". These should be - and, I believe they will! - clear warning messages without all the technical details other applications provide, which I believe is not what Prevx is aiming.

 

i think....currently only dr web warns users of any modification in hosts...with the option of correcting/cleaning the hosts or leaving them as they are.....but I've learned to press close rather than FIX in PSO