Yes, they're pinging localhost. Firefox is blocking them (Reported Attack Site!). But you may be right - these may just be bad entries at the beginning. There are only 6 of them (out of some 10,000), and checking one shows it later in the list twice - .qoogler.com is later listed as www.qoogler.com and qoogler.com.
I don't think too many on the list look to Tom for advice about IPv6 or Vista. I'm enjoying Vista, and I know Vista's UAC is a good first line of defense against today's MBR viruses. http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot On Mon, Dec 8, 2008 at 8:22 PM, Chris Dunford <[EMAIL PROTECTED]> wrote: > Incidentally, at some point I noticed something in one of your messages but > forgot to mention it: I'm not sure that the syntax Spybot seems to be using > is valid. You showed this entry, which appeared to have been inserted by > Spybot: > > 127.0.0.1 .archivioadulti.com > > It looks like they are trying to "wildcard" the URL so that the entire > domain "archivioadulti.com" is blocked--but the hosts file is concerned with > URLs, not domains (that's a job for a firewall or a good DNS server like > OpenDNS). Anyway, I can't find any documentation that says this syntax is > valid. > > I tried it here, and it doesn't seem to work (pinging www.yahoo.com): > > 127.0.0.1 .yahoo.com # doesn't work > 127.0.0.1 yahoo.com # doesn't work > 127.0.0.1 www.yahoo.com # does work > > When you said that your hosts is now working, did that include the Spybot > entries? ************************************************************************* ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *************************************************************************
