There are now global OS firewall controls for some program actions, including "modifying"* the HOSTS file.
Go to Program Control --> Main --> Custom and click on the OS Firewall Tab. Change the setting for hosts file to something other than ASK.
If you choose X, then no program can modify the file, including those with Super permission. THis may not be what you want if you use programs that update your HOSTS with known bad sites.
Choose the green tick, and any program can modify it.
Choose "--" (program setting) and any program with a trust level of "Super" can modify it. This is probably the best choice if you do use the HOSTS for blocking bad sites.
* Why does Ewido want to modify it? Well, ewido checks the HOSTS to make sure that the domain it uses to get updates from is NOT in there. If it is there, it is removed to make sure the update file it retrieves is the genuine file, not something that unknown malware redirected it to, via HOSTS.
As soon as Ewido opens the HOSTS file (it must open it for Read/Write) ZA pops up its alert. So you get the alert even if Ewido doesn't actually change HOSTS, but it acts as though it might be going to. Basically if a program is allowed to get a Read/Write handle on a file, it's already too late to stop modifications by that program.
There are currently 1 users browsing this thread. (0 members and 1 guests)