How to add spyware sites to the host files

News	Main spyware page	Recommended Links	Recommended Papers	Spyware Scanners	Non-scanner antispyware tools
					Etc

You can modify the hosts file to control DNS name resolution. Here is the initial hosts files shipped with Windows:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

If the entry exists in the host file it is used first, before DNS. This way you can block spyware sites pointing them to the address 127.0.0.1 which is so called local host --address pointing to your PC, for example,

127.0.0.1 abetterinternet.com

To edit the hosts file, follow these steps:

Click Start, click Run, type notepad %windir%\system32\drivers\etc\hosts, and then click OK.

Add lines form you IE history (see below how to save it) that represent spyware sites.

On the File menu, click Save.

Quit Notepad.

Restart the computer.

Note If you do not want to restart the computer, flush the DNS resolver cache. To do this, follow these steps:

a.	Click Start, click Run, type cmd, and then click OK.
b.	At the command prompt, type ipconfig /flushdns, and then press ENTER.

Getting History from IE

The crude way of getting IE history is using strings utility on files from folders in

C:/Documents and Settings/username/Local Settings/history

But there is also programmatic way to do that as describes at CodeGuru Getting the History from Internet Explorer:

I just wanted to access the history of Internet Explorer. I found no code anywhere to get it directly, but somehow I managed to combine some of code and get this working application. The code isn't very great, but it is somewhat useful, you can say. I am not a great writer, so don't expect a good explanation. My coding style is self-explanatory. If you open the IEHistory.h file, you will get to see everything.
[
  #include <atlbase.h>
  #include <comdef.h>
  #include <mshtml.h>
  #include <UrlHist.h>
  #include <afxtempl.h>

  BOOL  GetHistory(CStringList & list)
  {
    STATURL url;
    CString strUrl;
    ULONG uFetched;
    IUrlHistoryStg2Ptr history;
    IEnumSTATURLPtr enumPtr;

    if(FAILED(CoCreateInstance(CLSID_CUrlHistory,
          NULL,
          CLSCTX_INPROC_SERVER,
          IID_IUrlHistoryStg2,
          ( void**)&history)))
          {
            return false ;
          }

          if(FAILED(history->EnumUrls(&enumPtr)))
      return false;

    while(SUCCEEDED(enumPtr->Next(1,&url,&uFetched)))
    {
      if(uFetched==0)
        break;
      strUrl = url.pwcsUrl;
      list.AddTail(strUrl);
    }
    return true;
  }
]

Download demo project - 28 Kb
Download source - 11 Kb

Notes:

Those pages are written by people for whom English is not a native language. Some amount of grammar and spelling errors should be expected.
This is a Spartan WHYFF (We Help You For Free) site. It cannot replace the best teachers and the best books.
The site contain some obsolete pages as it develops like a living tree... Some links on older pages are broken. Please try to use Google, Open directory, etc. to find a replacement link (see HOWTO search the WEB for details). We would appreciate if you can mail us a correct link.

Search Amazon by keywords:
Open directory	Research Index

Old News

block_ips free list

Feel free to circulate this list, use it to block unwanted or malicious activity, and/or incorporate it into anti-spyware software. However, please do not delete any rules from it. If you think something should be added or deleted, please email me at yospongeP@yahoo.comP. Remove the two capital Ps before emailing. You can, of course, quote part of it relevent to a specific spyware. My official site is www.geocities.com/yosponge and you can obtain updates there. Thank you!
NOTE: Entries for spyware which are new or changed will say so.

Risk key:
C = Common H=High
O = Occasional M=Moderate
R = Rare

Spyware Free Spy Software Blocking Tool

Tired of all that Spyware and Adware crap being installed by ActiveX ?
But don't want to lose out on functionality?
We have created a system that blocks all known "bad" ActiveX controls from running inside Internet Explorer by setting the "Kill bit".

When a page tries to install a component from our list, it will fail.
When a page tries to use a component from our list that was already present on your system, it will fail too!

Other, "friendly" components are not affected.
For a full technical explanation how this works, look at this Microsoft article.

Recommended Links

In case of broken links please try to use Google search. If you find the page please notify us about new location

***** Spyware - Wikipedia, the free encyclopedia -- general spyware information

***** Blocking Unwanted Parasites with a Hosts File contains very useful information including Various Troubleshooting Articles

Options for Using the Ipconfig Diagnostic Utility (XP)

WinME users - Start | Run (type) "winipcfg" (no quotes)

"The Page Cannot Be Displayed" Error Message (XP) [more info]

Error Message: The Page Cannot Be Displayed (98\ME)

"The Page Cannot Be Displayed" Error Message (2K)

Repairs Winsock 2 settings (usually spyware related)

How to Reset Internet Protocol (TCP/IP) in Windows XP

How to Troubleshoot TCP/IP Connectivity with Windows XP

HostsMan is a freeware application that lets you manage your Hosts file.
Includes an option to turn off the unneeded DNS Client Service.

HOSTS Manager 1.4 [freeware]

HOSTS File Manager [freeware] (MVP site)

Resources Ad Blocking Resources

IE-SPYAD adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Once you merge this list of sites and domains into the Registry, the web sites for these companies will not be able to use cookies, ActiveX controls, Java applets, or scripting to compromise your privacy or your PC while you surf the Net. Nor will they be able to use your browser to push unwanted pop-ups, cookies, or auto-installing programs on your PC.

Please note that IE-SPYAD is not an ad blocker. It will not block standard banner ads in Internet Explorer. What this Restricted sites list of known advertisers and crapware pushers will do, however, is

AGNIS contains a set of customized ad block lists for AtGuard, Norton Internet Security 2000/2001/2002/2003, and Norton Personal Firewall 2003. These block lists are much more extensive than the default ad block lists shipped with all of these programs. AGNIS includes both a "full" and "lite" version of this customized ad block list for each application:

Spyware Warrior Rogue-Suspect Anti-Spyware Products & Web Sites

On June 23, 2005, just 3 months after moving against SpywareAssassin, the U.S. Federal Trade Commission announced that it had taken action against Trustsoft, the company behind SpyKiller 2005, an "anti-spyware" product that has been listed on these pages since June 26, 2004 (the very day this list was first published). In its complaint, the FTC specifically named several of the more deceptive and unfair practices that are employed by many of the "anti-spyware" applications listed on this page, namely:

falsely claiming to have scanned users' PCs remotely and detected "spyware"
using high pressure sales tactics through pop-ups and spam to compel users to buy its application, SpyKiller 2005
selling an "anti-spyware" product that falsely detects "spyware" on users' PCs
selling an "anti-spyware" product that fails to remove a substantial amount of "spyware" from users' PCs

You can read more about the FTC's action against SpyKiller 2005 here:

Press Release
Complaint (PDF doc)
Temporary Restraining Order (PDF doc)
Stipulated Preliminary Injunction (PDF doc)

Copyright © 1996-2008 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. Submit comments This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License(OPL). Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

Standard disclaimer: The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: June 02, 2008