MS AntiSpyware modifications to local HOSTS

D

David Paterson

I am extremely perturbed that this tool illicitly
modifies the local HOSTS file. I have a large number of
adservers mapped to 127.0.0.1 to avoid their images and
speed up my browsing.

After running the MS AntiSpyware tool (specifically, the
Networking Hosts file System Explorer), all entries for
servers related to Mcirosoft were commented out. That is:

127.0.0.1 ads.msn.com was changed to
#27.0.0.1 ads.msn.com

This behaviour is not documented in the EULA or in the
Help file. It is not wanted. It is illicit modification
of user settings without user consent - sounds like a
trojan.

Either properly docment this behaviour in the online
documentation, or stop messing with my HOSTS file.


David Paterson
 
J

Jerry Ham \(433588\)

I can't repro that behavior. Can you provide exact steps? I put in
ads.msn.com and a few others. None were changed by the hosts file explorer.

Jerry
 
H

Hoggman

This has not happened on my system.
I can't repro that behavior. Can you provide exact steps? I put in
ads.msn.com and a few others. None were changed by the hosts file explorer.

Jerry
Click to expand...
 
J

Jon G

System Agent Checkpoints - Windows Host File - Disable this and see if it
does it again. It should leave you and you're HOSTS file alone. I will try
to repro this as well. If the above checkpoint is enabled it is also
possible there was user interaction. I'm not calling you a liar - I just
like to leave possibilities open. Let's see if anyone else experiences this
problem.
 
D

David Paterson

Just tried again; it did not replicate this behaviour.

Initial modification was done when I ran the program
after install (checked the box to run right away).

After the scan (identified VNC as potential issue), went
to advanced tools and the System Explorers. Went to the
Windows Hosts explorer. It displayed:

ads.msn.com 27.0.0.1 deactivated

The "1" in the "127" in the hosts file had been
overwritten with a #, thus having it parsed as 27 vice
127.


I will atemopt this on another machine: add the HOSTS
file then install MS AntiSpyware, and watch for the
results.

David
 
B

Beck

David Paterson said:
I am extremely perturbed that this tool illicitly
modifies the local HOSTS file. I have a large number of
adservers mapped to 127.0.0.1 to avoid their images and
speed up my browsing.

After running the MS AntiSpyware tool (specifically, the
Networking Hosts file System Explorer), all entries for
servers related to Mcirosoft were commented out. That is:

127.0.0.1 ads.msn.com was changed to
#27.0.0.1 ads.msn.com

This behaviour is not documented in the EULA or in the
Help file. It is not wanted. It is illicit modification
of user settings without user consent - sounds like a
trojan.

Either properly docment this behaviour in the online
documentation, or stop messing with my HOSTS file.
Click to expand...

Mine has been unchanged.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

MS AntiSpyware Update says "Can't Connect to the Internet" 16
Pop Up MALWARE: trojan.vundo, winfixer2005, winantivirus etc. 12

Top