Hosts File - Browser Redirects XP/IE



pilgrym
2010-06-12, 09:59
Browser Redirects XP/IE


In my XP Hosts file [1] I find the following “loopbacks” apropos Spybot [2] and AVG [3].



127.0.0.1 www.spybot.ca
127.0.0.1 spybot.ca
127.0.0.1 www.spybotseekanddestroy.com
127.0.0.1 spybotseekanddestroy.com


127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com


My understanding was Hosts File entries were/are inserted by spybot to foil malware attempts to redirect
the browser (e.g., iexplore) to unwanted sites. [4]

Could someone shed some light as to why these spybot and avg ‘loopbacks’ are included
in the hosts file?



[1] C:\WINDOWS\SYSTEM32\DRIVERS\ETC
%SystemRoot%\system32\drivers\etc\

[2] Spybot Search & Destroy 1.6.0

[3] AVG-Free 8.0.176

[4] “The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local (your) machine. Another feature of the HOSTS file is its ability to block other applications from connecting to the Internet, providing the entry exists.” http://www.mvps.org/winhelp2002/hosts.htm

Matt
2010-06-12, 12:10
Hi pilgrym,




> Could someone shed some light as to why these spybot and avg ‘loopbacks’ are included
> in the hosts file?

I'll try it...




> My understanding was Hosts File entries were/are inserted by spybot to foil malware attempts to redirect
> the browser (e.g., iexplore) to unwanted sites. [4]

:bigthumb:





> 127.0.0.1 www.spybot.ca
> 127.0.0.1 spybot.ca
> 127.0.0.1 www.spybotseekanddestroy.com
> 127.0.0.1 spybotseekanddestroy.com
>
> 127.0.0.1 www.avg.grab-it-today.net
> 127.0.0.1 avg.grab-it-today.net
> 127.0.0.1 www.avg.softwarecenterz.com
> 127.0.0.1 avg.softwarecenterz.com
> 127.0.0.1 avg-secure.com
> 127.0.0.1 www.avg-secure.com

These entries are fake spybot and avg sites. You can check these sites with Web of Trust for example as well. These sites can contain malware. ;)




> [2] Spybot Search & Destroy 1.6.0

I would like you to uninstall Spybot 1.6.0.
After that, reboot your computer, delete all leavings (http://www.safer-networking.org/en/howto/uninstall.html) and download a newer version from here (http://www.safer-networking.org/en/mirrors/index.html).



> [3] AVG-Free 8.0.176

Is there a reason why you don't have AVG 9.x installed? :scratch:

Be sure that your (security) tools are always up to date!


Hope that helps... :)

pilgrym
2010-06-13, 00:31
Matt:

… “fake sites”. That answers my Q.

Older versions SB & AVG… short answer is: I installed Debian GNU/Linux on separate HD a
few years ago. Since then, I’ve only fired up XP-Home (SP2 ?) a couple of times.

I’m years behind all the updates. I can’t even access Windows Updates for some reason… a perilous state to be in. I took a boo at what it might take to regain access. But AFAICT, it looks like too much
time & effort to maintain an OS MS doesn’t support anymore. “Network Diagnostics” says there doesn’t
appear to be any problem with my network connection to http://go.microsoft.com/fwlink/?LinkId=148275 or any other link to the Windows Update repos. But, my IE7 alerts with irritating consistency: “Internet Explorer cannot display the webpage(s)”.

Similarly, SB auto update stopped working sometime or other. I d/l the manual updates. Given that I’m disinclined to spend a lot of time figuring out the exigencies of maintaining security s’ware that is superfluous on Debian, it’s a good bet further research might reveal my depreciated v. of SB is the reason my auto-update stopped working.

That said, my rule of thumb has been that updating and patching W-XP is a 'conditio sine qua non' for d/l programs and apps from the internet; including security s'ware.

You’ve answered my Q, and I hope my providing a little background isn't taken as provocation to start a debate on the relative merits of MS vs. Open Source. I’m not technically qualified and the missus has long 'ere advised (beaten it into) me that I'm not to express opinions without vetting them through her.

A sincere thanks for your thoughtful, complete, and well-reasoned reply.