Updating HOSTS file

  • 11 February 2014
  • 10 replies
  • 1271 views

Userlevel 3
Badge +1
Hi
 
Under the Shields options there is the option to 'Prevent any program from modifying the HOSTS file'.
 
If I allow a particular program or service under 'Block/Allow Files' will this override the above option i.e. allow that program or service to update the HOSTS file?
 
Else is there another way of whitelisting a particular program or service to achieve this? Or is the only solution to temporarily uncheck that option above?
 
Rgds - Paul
 

10 replies

Userlevel 7
Hello paulderdash!
 
Now there is a mighty good question, and to be honest I have no clue of the answer!  What I DO know is that malware manipulation of the hosts file is not at all common anymore, not anything like it used to be in the past.  Take a look at This Thread and note the comments from Webroot staff regarding the hosts file.  
 
Unchecking that option, especially temporarily, will probably be quite safe, but don't forget all of the other protections that Webroot uses which would detect any problems and protect you anyway.
Userlevel 3
Badge +1
Thanks DavidP1970!
 
I know it is probably a bit of an obscure question ...
 
What I am after is somehow allowing HostsMan to update the HOSTS file with the  MVPS HOSTS file (which blocks ads, banners, 3rd party cookies, etc. from included sites) and to allow Unchecky which uses the HOSTS file to prevent installation of PUAs.
 
I do know that WSA will prevent HostsMan updating the HOSTS file while the option is ticked (without whitelisting it first).
 
For now I shall leave the option ticked, and only untick it when I manually update the MVPS HOSTS file and stop / start the Unchecky service, but I'll also try to determine what WSA does with the option ticked, and these two programs allowed.
 
Rgds - Paul
Userlevel 7
Have you tried using a browser installed plugin (like adblock) and using a master list of blocked sites/URL`s? Thats what I do
Userlevel 3
Badge +1
Hi Roy

Yes I do - Adblock Plus with Adblock Edge lists as per this link. http://www.areweprivateyet.com/ (if links are allowed).

So I am sure I am doubling up with MVPS HOSTS file, but was just playing around in idle moments! I liked the idea of what Unchecky tries to do as well.
Userlevel 5
Hello Paulderdash,
Very interesting scenario you have presented. Without physically testing this and only running this in my virutal environment in my head, I would have to say that the option to prevent any program from modifying the HOSTS file will trump any file determinied as good or set as allowed via ID Shield. 
If that option was part of the ID shield not the Core System Shield, I would say that you could allow specific programs acess to HOSTS.
 
If by chance you are able to prove otherwise, I sure would like to know!
 
Thanks Paulderdash, happy testing!
Still a problem. Cannot update hosts file, blocked. As an Admin logon cannot even right click open Webroot to set anything mentioned here. Seems to be too locke down. Need to fix this before replacing this protection with one that will work. Cannot even stop Webroot protection from Task Manager. Very ignorant of the system admin...
Userlevel 7
Hello Anothercalifornian, welcome to the Community!
 
What version of WSA is installed on your device?  WSA is VERY customizable in terms of 'self security', and it sounds like your copy has pretty much all options turn on, which would be the default of the Business Endpoint.  If you are using the Business Endpoint version, you do need to contact the SysAdmin.
 
Otherwise, you should be able to open WSA and click Advanced Settings and then go to Access Control to make adjustments there and then Shields in regards to the HOSTS file.
 
I hope this helps!
Currently no right click menu from the menu to make any changes. I am going to see if there is a problem with it knowing I am an admin....
Nothing can start up the WSA to configure or show anything. Seems to be locked...Says protected when I hover over the tray icon, but that seems normal. Win8.1 tried to open the icon or the Modern interface link..nothing happens.
Yep had to do a full restart to get to acmenu and turn off hosts file protection. Something make it clam up maybe?

Reply