Microsoft and or MVPS.org are in no way affiliated with, nor offersendorsement of, this site.

Microsoft and or MVPS.org are in no way affiliated with, nor offers
endorsement of, this site.

It says that at the bottom of the page!

http://winhelp2002.mvps.org/hosts.htm

Does anyone know why Malwarebytes didn't use this Hosts file rather than
the one produced by Steven Burn?

=

FYI https://forums.malwarebytes.com/topic/195570-taggedcom/

MysteryFCM *is* a posting nym of Steven Burn

I like to think of him as being one of the good guys! ;-)

DGB wrote:

Microsoft and or MVPS.org are in no way affiliated with, nor offers
endorsement of, this site. It says that at the bottom of the page!

You didn't know what MVPS means? The "M" does *NOT* mean Microsoft. In
fact, the complete title is Microsoft MVP. There have been other users
here claiming to be an MVP who weren't and even tried to setup a site to
pretend they represented Microsoft (e.g., PC Butts). MVPs worked with
the domain registrar to get the faker neutered.

More info about the MVP program at:

https://mvp.microsoft.com/en-us/
https://en.wikipedia.org/wiki/Most_valuable_player

When Microsoft abandoned newsgroups and withdrew to their web-based
forums, most of the MVPs followed.

This is an newsgroup, part of Usenet and uses NNTP, not a web site.
None of the microsoft.* newsgroups are official communication venues for
Microsoft, either.

http://winhelp2002.mvps.org/hosts.htm

Does anyone know why Malwarebytes didn't use this Hosts file rather than
the one produced by Steven Burn?

So, is that your real question instead of what you put in your Subject.
Why not ask them? You sure they even use a pre-compiled hosts file?

There are several pre-compiled hosts files. Each has a different focus
based on the author(s) intent. I'd still like proof that MalwareBytes
even bothers with a hosts file. They have their own blacklist, just
like any anti-virus software does and why their effectiveness varies.

FYI https://forums.malwarebytes.com/topic/195570-taggedcom/

Considering the childish rant that begins that thread, why would you
bother citing that inane poster? The poster was obviously there to
rant, not to get help or even make a genuine inquiry.

MysteryFCM *is* a posting nym of Steven Burn

Again, please focus. Just why did you post here?

I like to think of him as being one of the good guys! ;-)

So, why present a URL to a thread started by a ranting child?

On Wed, 3 Jul 2019 10:32:50 +0100, DGB wrote:

Microsoft and or MVPS.org are in no way affiliated with, nor offers
endorsement of, this site.

Everybody knows, nobody cares.

FWIW, Google.com is in no way affiliated with, nor offers
endorsement of Apple.com. WOW!!!! Now that's phishing !!!!

Noobs, beware, visit this site before replying to the STALKER:

https://tekrider.net/pages/david-brooks-stalker.php

44 #FAKE_NYMS and counting.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

On 03/07/2019 14:06, VanguardLH wrote:
DGB wrote:

Microsoft and or MVPS.org are in no way affiliated with, nor offers
endorsement of, this site. It says that at the bottom of the page!

You didn't know what MVPS means? The "M" does *NOT* mean Microsoft.

Wtf!!! Of course the 'M" means Microsoft!

https://en.wikipedia.org/wiki/Micros...e_Professional

In fact, the complete title is Microsoft MVP. There have been other users
here claiming to be an MVP who weren't and even tried to setup a site to
pretend they represented Microsoft (e.g., PC Butts). MVPs worked with
the domain registrar to get the faker neutered.

More info about the MVP program at:

https://mvp.microsoft.com/en-us/
https://en.wikipedia.org/wiki/Most_valuable_player

No, he https://en.wikipedia.org/wiki/Micros...e_Professional

When Microsoft abandoned newsgroups and withdrew to their web-based
forums, most of the MVPs followed.

This is an newsgroup, part of Usenet and uses NNTP, not a web site.
None of the microsoft.* newsgroups are official communication venues for
Microsoft, either.

Agreed.

http://winhelp2002.mvps.org/hosts.htm

Does anyone know why Malwarebytes didn't use this Hosts file rather than
the one produced by Steven Burn?

So, is that your real question instead of what you put in your Subject.
Why not ask them? You sure they even use a pre-compiled hosts file?

Malwarebytes DOES use their own Hosts file.

There are several pre-compiled hosts files. Each has a different focus
based on the author(s) intent. I'd still like proof that MalwareBytes
even bothers with a hosts file. They have their own blacklist, just
like any anti-virus software does and why their effectiveness varies.

https://forum.hosts-file.net/viewtopic.php?f=21&t=27

FYI https://forums.malwarebytes.com/topic/195570-taggedcom/

Considering the childish rant that begins that thread, why would you
bother citing that inane poster? The poster was obviously there to
rant, not to get help or even make a genuine inquiry.

MysteryFCM *is* a posting nym of Steven Burn

Again, please focus. Just why did you post here?

I like to think of him as being one of the good guys! ;-)

So, why present a URL to a thread started by a ranting child?

Perhaps that was a mistake. Sorry.

"VanguardLH" wrote
|
| Microsoft and or MVPS.org are in no way affiliated with, nor offers
| endorsement of, this site. It says that at the bottom of the page!
|
| You didn't know what MVPS means?

You've been suckered by so-called "Boater Dave", who
has an odd compulsion of trying to draw people into
nonsensical discussions and then asking personal questions.

On Wed, 3 Jul 2019 14:51:35 +0100, DGB wrote:

CUT_OBVIOUS_OFF_TOPIC_STALKING_AND_PHISHING

So, why present a URL to a thread started by a ranting child?

Perhaps that was a mistake. Sorry.

You forgot the smiley. So you can say "I was only joking"
later.

Noobs, beware, visit this site before replying to the STALKER:

https://tekrider.net/pages/david-brooks-stalker.php

44 #FAKE_NYMS and counting.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

DGB wrote:

VanguardLH wrote:

You didn't know what MVPS means? The "M" does *NOT* mean Microsoft.

Wtf!!! Of course the 'M" means Microsoft!
https://en.wikipedia.org/wiki/Micros...e_Professional

If "M" meant Microsoft then the award would be called "Microsoft
Microsoft Value Player". That's not the name. If you wanted to shorten
Microsoft into the acronym then it would be MMVP.

There are several pre-compiled hosts files. Each has a different focus
based on the author(s) intent. I'd still like proof that MalwareBytes
even bothers with a hosts file. They have their own blacklist, just
like any anti-virus software does and why their effectiveness varies.

https://forum.hosts-file.net/viewtopic.php?f=21&t=27

That discusses one of many hosts file. It does not claim that
MalwareBytes uses one nor even alludes to MalwareBytes using one.

MalwareBytes acquired hphosts, a website, back in 2011. I don't know
when Steven Burn joined MalwareBytes.

Windows looks for a hosts file in only one location (specified by
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters
for its DataBasePath value), which is, by default:

C:\Windows\system32\drivers\etc

To use a different hosts file means having to overwrite the one in that
location. That method is easily hijack-able and why it is not used by
anti-malware software; however, the registry entry may be monitored for
tampering and the hosts file scanned for known malicious hostnames.

Again, and back to your original claim, prove MalwareBytes supplants the
hosts file. If you are using MalwareBytes, go look at the current
contents of your hosts file. Unless you have overwritten it, does it
have anything more than "127.0.0.1 localhost"? If there are more
entries, does the comment section mention hpHosts?

The hpHosts hosts file is far more "sloppy" in that it contains a lot of
iffy entries. The hpHost host file, according to its site, has 530,578
entries, yet uBlock Origin, when it retrieves the hpHosts list, gets
45,736 entries. The MVPS hosts file has 13,193 entries. Dan Pollock's
hosts file has 14,517 entries. Peter Lowe's hosts file has 2,950
entries. Using hpHosts means lots of false positives based on old slop
that never gets removed, plus they have their own criteria as to what
constitutes a "bad site". Unlike the other mentioned pre-compiled hosts
files, the hpHosts file does not contain a line showing when it was last
updated. The only way to find when the file got last updated is to
visit https://hosts-file.net/?s=Download. I don't use that hosts file,
so I don't know how often it gets updated, or if it ever goes down in
size (as evidence they expire old entries).

"hpHosts is a community ...". No list of the contributors in that
community. That MalwareBytes owns the domain does not dictate that only
MalwareBytes contributes to that hosts file. Like mosts pre-compiled
hosts files, there is no official declaration for the intent of the
compilation.

hpHosts has been too sloppy for me to use. The hpHosts hosts file lists
those hosts that meet ONLY their "ATS classification"; see
https://hosts-file.net/?s=classifications. There is no information as
to when they expire an old entry, or when they retest an old entry.

https://forum.hosts-file.net/viewtop...xpire#p15 108

So, entries never expire in hpHosts. That means the only good use of
this hosts file is to see a history of hosts that sometime in that past
got added to their list and does not reflect the current behavior of
those hosts. Geez, what a worthless list. From what I saw there, the
only entries that get removed is when owners of the sites complain to
get themself removed, but I didn't bother checking on how effective that
is. A bad-sites list that never gets updated to expire ancient and
no-longer-known hosts is likely to remove entries upon request. This
explains why hpHosts is far larger than any other pre-compiled hosts
file.

https://github.com/certtools/intelmq..._Activities.md
"hpHosts is a community managed".

That doesn't make it sound like hpHosts is managed solely by
MalwareBytes, just that the site's resources are paid for by
MalwareBytes, much like GitHub and Google Code provide and pay for the
resources to provide code repositories.

Again, and assuming you are using MalwareBytes [AntiMalware aka MBAM],
look to see what is in your C:\Windows\system32\drivers\etc\hosts file
right now.

On 03/07/2019 17:59, VanguardLH wrote:
DGB wrote:

VanguardLH wrote:

You didn't know what MVPS means? The "M" does *NOT* mean Microsoft.

Wtf!!! Of course the 'M" means Microsoft!
https://en.wikipedia.org/wiki/Micros...e_Professional

If "M" meant Microsoft then the award would be called "Microsoft
Microsoft Value Player". That's not the name. If you wanted to shorten
Microsoft into the acronym then it would be MMVP.

You are correct ...ish! I had a brain fart. It's 'Professional', though,
not 'Player'.

There are several pre-compiled hosts files. Each has a different focus
based on the author(s) intent. I'd still like proof that MalwareBytes
even bothers with a hosts file. They have their own blacklist, just
like any anti-virus software does and why their effectiveness varies.

https://forum.hosts-file.net/viewtopic.php?f=21&t=27

That discusses one of many hosts file. It does not claim that
MalwareBytes uses one nor even alludes to MalwareBytes using one.

MalwareBytes acquired hphosts, a website, back in 2011. I don't know
when Steven Burn joined MalwareBytes.

Windows looks for a hosts file in only one location (specified by
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters
for its DataBasePath value), which is, by default:

C:\Windows\system32\drivers\etc

To use a different hosts file means having to overwrite the one in that
location. That method is easily hijack-able and why it is not used by
anti-malware software; however, the registry entry may be monitored for
tampering and the hosts file scanned for known malicious hostnames.

Again, and back to your original claim, prove MalwareBytes supplants the
hosts file. If you are using MalwareBytes, go look at the current
contents of your hosts file. Unless you have overwritten it, does it
have anything more than "127.0.0.1 localhost"? If there are more
entries, does the comment section mention hpHosts?

No, I'm not using Malwarebytes right now.

Did you look here? https://hosts-file.net

It's now owned by Malwarebytes, or so it says.

The hpHosts hosts file is far more "sloppy" in that it contains a lot of
iffy entries. The hpHost host file, according to its site, has 530,578
entries, yet uBlock Origin, when it retrieves the hpHosts list, gets
45,736 entries. The MVPS hosts file has 13,193 entries. Dan Pollock's
hosts file has 14,517 entries. Peter Lowe's hosts file has 2,950
entries. Using hpHosts means lots of false positives based on old slop
that never gets removed, plus they have their own criteria as to what
constitutes a "bad site". Unlike the other mentioned pre-compiled hosts
files, the hpHosts file does not contain a line showing when it was last
updated. The only way to find when the file got last updated is to
visit https://hosts-file.net/?s=Download. I don't use that hosts file,
so I don't know how often it gets updated, or if it ever goes down in
size (as evidence they expire old entries).

"hpHosts is a community ...". No list of the contributors in that
community. That MalwareBytes owns the domain does not dictate that only
MalwareBytes contributes to that hosts file. Like mosts pre-compiled
hosts files, there is no official declaration for the intent of the
compilation.

hpHosts has been too sloppy for me to use. The hpHosts hosts file lists
those hosts that meet ONLY their "ATS classification"; see
https://hosts-file.net/?s=classifications. There is no information as
to when they expire an old entry, or when they retest an old entry.

https://forum.hosts-file.net/viewtop...xpire#p15 108

So, entries never expire in hpHosts. That means the only good use of
this hosts file is to see a history of hosts that sometime in that past
got added to their list and does not reflect the current behavior of
those hosts. Geez, what a worthless list. From what I saw there, the
only entries that get removed is when owners of the sites complain to
get themself removed, but I didn't bother checking on how effective that
is. A bad-sites list that never gets updated to expire ancient and
no-longer-known hosts is likely to remove entries upon request. This
explains why hpHosts is far larger than any other pre-compiled hosts
file.

https://github.com/certtools/intelmq..._Activities.md
"hpHosts is a community managed".

That doesn't make it sound like hpHosts is managed solely by
MalwareBytes, just that the site's resources are paid for by
MalwareBytes, much like GitHub and Google Code provide and pay for the
resources to provide code repositories.

Again, and assuming you are using MalwareBytes [AntiMalware aka MBAM],
look to see what is in your C:\Windows\system32\drivers\etc\hosts file
right now.

I have used MBAM in the past, but am not doing so currently. I'll
respond again from my Windows10 laptop!

You are very knowledgeable about such matters and I've always enjoyed
reading your responses. Thank you. :-)

On 03/07/2019 17:59, VanguardLH wrote:
Again, and assuming you are using MalwareBytes [AntiMalware aka MBAM],
look to see what is in your C:\Windows\system32\drivers\etc\hosts file
right now.

This is what I see on my Windows10 laptop:-


# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

DGB wrote:

Did you look here? https://hosts-file.net
It's now owned by Malwarebytes, or so it says.

Yep, says managed by MalwareBytes. The hosts file existed before
MalwareBytes took over the site. The community of volunteers and
reporters continued after the acquisition. Altruistic ventures last as
long as the donor has the money to fork out that others can take
advantage off. Sometimes that doesn't last, and the owner either
discontinues their gift, is forced from donations to payware, or finds a
sponsor who is also altruistic but with deeper pockets. That
MalwareBytes foots the bill for the web site doesn't say they are now
the sole authors of the hosts file and the entire community of reporters
has vaporized.

Ever see all those stickers on Nascar cars? Those are sponsors, not
owners.

On 03/07/2019 15:25, Mayayana wrote:
"VanguardLH" wrote
|
| Microsoft and or MVPS.org are in no way affiliated with, nor offers
| endorsement of, this site. It says that at the bottom of the page!
|
| You didn't know what MVPS means?

You've been suckered by so-called "Boater Dave", who
has an odd compulsion of trying to draw people into
nonsensical discussions and then asking personal questions.

I never really try to hide, Mayayana!

There's one of my posts here on the forum. Did you read it?

https://forum.hosts-file.net/viewtopic.php?f=14&t=3862

You can look me up on LinkedIn if you wish!

DGB wrote:

On 03/07/2019 15:25, Mayayana wrote:
"VanguardLH" wrote
|
| Microsoft and or MVPS.org are in no way affiliated with, nor offers
| endorsement of, this site. It says that at the bottom of the page!
|
| You didn't know what MVPS means?

You've been suckered by so-called "Boater Dave", who
has an odd compulsion of trying to draw people into
nonsensical discussions and then asking personal questions.

I never really try to hide, Mayayana!

There's one of my posts here on the forum. Did you read it?

https://forum.hosts-file.net/viewtopic.php?f=14&t=3862

You can look me up on LinkedIn if you wish!

Nymshifting is hiding by not presenting a consistent Usenet identity and
the behavior of trolls.

On 04/07/2019 00:06, VanguardLH wrote:
DGB wrote:

On 03/07/2019 15:25, Mayayana wrote:
"VanguardLH" wrote
|
| Microsoft and or MVPS.org are in no way affiliated with, nor offers
| endorsement of, this site. It says that at the bottom of the page!
|
| You didn't know what MVPS means?

You've been suckered by so-called "Boater Dave", who
has an odd compulsion of trying to draw people into
nonsensical discussions and then asking personal questions.

I never really try to hide, Mayayana!

There's one of my posts here on the forum. Did you read it?

https://forum.hosts-file.net/viewtopic.php?f=14&t=3862

You can look me up on LinkedIn if you wish!

Nymshifting is hiding by not presenting a consistent Usenet identity and
the behavior of trolls.

It took me a long time to recognise that one must always respond to what
is said in a message/post - and not really take account of the 'name' of
the poster.

I commend you personally for always having stuck to your guns,
VanguardLH. You are in my book as one of the Usenet 'good guys'! :-)

On Thu, 4 Jul 2019 00:30:53 +0100, DGB wrote:

It took me a long time to recognise that one must always respond to what
is said in a message/post - and not really take account of the 'name' of
the poster.

What if the poster ALWAYS twists whatever he originally posted
to criminal STALKING ?

What was the point of the subject line ?
Ah, to get personal info on a Malwarebytes employee ? So very
MVPs related .... NOT.
You never change.

https://tekrider.net/pages/david-brooks-stalker.php

44 #FAKE_NYMS and counting.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

"DGB" wrote:
On 03/07/2019 15:25, Mayayana wrote:
"VanguardLH" wrote
| You didn't know what MVPS means?

You've been suckered by so-called "Boater Dave", who
has an odd compulsion of trying to draw people into
nonsensical discussions and then asking personal questions.

I never really try to hide, Mayayana!

He didn't say you did.

There's one of my posts here on the forum. Did you read it?

https://forum.hosts-file.net/viewtopic.php?f=14&t=3862

What relevance is that when there's nothing of any substance to read
and why would you link to a thread that is a poor reflection on
yourself?

Seems like the "nonsensical discussion" point, which you didn't
address, is correct. So, consider me drawn in (on a temporary basis).