HpHOSTS ?€“ untrustworthy resource

hpHOSTS is a web site of the community managed hosts file, which is used for blocking access to thousands of malicious web sites. This file can be merged with the user’s current hosts file, but can also replace the original. Once installed, hpHOSTS blocks access to more than 46,000 host names. All of these host names should be related to known spyware and adware pushers, advertisers, virus makers and other questionable players.

A quality crafted hosts file helps to avoid accidental infections and minimize the damage from active parasites. 2-Spyware.com understands how important a secure hosts file is. However, we have to ask all our visitors to stop using the hpHOSTS service, because it blocks legitimate domains 2-Spyware.com and Jurgita.com without reason.

The latest hpHOSTS file can be downloaded from the hosts-file.net site. We have installed it on several machines. As a result, none of these computers could access 2-Spyware.com, Jurgita.com and other sites on the hpHOSTS list. In our tests we used several ways to install the hosts file. One of them is by using the HostsMan 2.0.1 program. This application can automatically download and install the hpHOSTS file. The image below clearly shows that legitimate domains 2-spyware.com, www.2-spyware.com and jurgita.com are blocked. Furthermore, these are not the only legit sites on the hpHOSTS list. Some other trustful resources are also blocked out. The following list includes only a small part of legitimate domains that the hpHOSTS file blocks:

adaware.com – official domain of Lavasoft, makers of Ad-Aware anti-spyware series, Lavasoft Personal Firewall and other legitimate security-related software
stopzilla.com – official domain of STOPzilla, makers of the same named Internet security program
partypoker.com – PartyPoker is the world’s largest poker room
noblepoker.com – Noble Poker is a licensed poker room
intellitxt.com – official domain of Vibrant Media, providers of contextual advertising solutions
www.urchin.com – Site stats analysis software which now owned by Google
www.webtrends.com – Another great traffic analysis software
adwords.google.com – Google service to purchase ads in their search engine
www.regnow.com – another affiliate marketing network
www.looksmart.com – well known Search engine for commercial results
www.kanoodle.com – another search engine for paid results.
www.linkshare.com – an affiliate network
enigmasoftwaregroup.com – official domain of Engima Software Group, makers of SpyHunter, a popular spyware remover
hey.lt – Lithuanian web site rating service)

There are more harmless sites in the file.

The 2-Spyware.com team has asked hpguru and YoKenny, hpHOSTS administrators, why legitimate web sites 2-Spyware.com and Jurgita.com are on the hosts to block list? Neither of these sites distributes spyware or adware parasites or is involved in any other illegal activity. 2-Spyware.com and Jurgita.com do NOT serve any unsolicited advertisements, do NOT push malware on visitor computers and do NOT provide any inappropriate content. Furthermore, the 2-Spyware.com project is dedicated to removal of spyware parasites.

The following message was posted on hpHOSTS Hosts File Support Forum in the HOSTS Outbox section:

Hello, hpguru.

I represent the 2-Spyware.com project. It recently came to my attention that the hosts file provided by hpHOSTS, actually blocks legitimate addresses including www.2-spyware.com, 2-spyware.com and jurgita.com. Other harmless Internet resources like enigmasoftwaregroup.com, the official web site of SpyHunter, a legitimate spyware remover) are also on the list. If I understand correctly, block lists like yours should prevent accessing malicious hosts related to advertisers, spyware and adware pushers, virus makers, etc. Popular projects like 2-Spyware.com and Jurgita.com CANNOT be blocked, as they do NOT run aggressive or deceptive advertising campaigns, do NOT push malware on visitor computers and do NOT provide any inappropriate content. Furthermore, 2-Spyware.com is a big anti-spyware community itself. It is the project dedicated to removal of spyware, not its distribution.

So, why does the hpHOSTS file, the block list contain legitimate domains 2-Spyware.com and Jurgita.com? I want you to explain this to 2-Spyware.com visitors. Moreover, I ask you to remove legitimate hosts 2-Spyware.com and Jurgita.com from the list of malicious resources and update the hpHOSTS file.

For your information:

2-spyware.com project is dedicated to removal of spyware parasites. It helps to find proper spyware remover, analyses various security and privacy threats. It is an extensive informational resource providing all Internet users with exact and professional, but yet easily understandable information about different spyware, computer parasites, unsolicited and potentially dangerous programs.

The site offers manual and automatic spyware removal instructions of thousands of parasites, useful articles, thorough tutorials and important analyses as well as recent news and other details on spyware-related issues.

Jurgita.com is online magazine which provides professional modeling services. We are not just another dull site, we are in real modeling business, and known as agency "Supermodels" between the modeling agencies. Jurgita.com is the modeling magazine of the agency. Here we publish news, advices, tips, beauty secrets, everything what is needed for beginner and professional model. As an agency we have lots of friends inside modeling industry. We work closely with the biggest modeling networks like NEXT, IMG, Elite. Our models succesfully works in the biggest modeling markets in London, Paris, Milan, Barcelona, Tokyo, Athens, New York.

Jurgita.com gives advices and showcase to models of all shapes and sizes. All models are strictly categorised into the modeling types. Agencies, photographers and other modeling industry professionals can choose from fashion, commercial and glamour types of models. Also They can find plus size, petite, preteen, teenage models, adult models and other special types of models.

After this message, one of our representatives (nick SP2) was asked by hpguru, the hpHOSTS administrator, to provide his confidential information including real first and last name, professional title and business physical address. Our colleague sent a private message containing the requested information.

It must be noted that hpguru asks each visitor whishing to request removal of certain web sites to provide the same confidential data. Although visitors can submit this information to hpguru by private message, it still looks very strange. Who is hpguru? Why should visitors tell him their identity details?

Your removal request must include the following verifiable information*:

1) Your real first and last name.**
2) Your email address.**
3) Your professional title.
4) The physical address of your business.
5) The site or list of sites to be removed.
6) The purpose of your site(s).
7) The primary entry point(s) into your site(s).
8) The reason why you think your site does not belong in hpHOSTS.

After providing the requested details, we received a response from hpguru:

SP2 it seems to me after a little Googling that other professionals in the field have already explained to you in detail why your sites are "listed" and yet to date you have in my opinion failed miserably to address their concerns but have chosen rather to viciously malign such highly esteemed professionals in the field as Suzi and Webhelper. In my opinion that is not the mark of a trustworthy security provider. I think you should first publicly apologize to Suzi, Webhelper and any other security professionals you have attacked on their own turf and really address their concerns fully and in an honest and open fashion. If they acknowledge your efforts as genuine then and only then can we talk about delisting your sites from hpHOSTS.

However, we couldn’t agree with this answer, simply because it was based on twisted facts.

YoKenny, another hpHOSTS administrator, has complemented hpguru in no time:

Way to go!

I wish that parasite would become a target of a suicide bomber but thatwould be too quick but I would rather they spend some time in an Iraqor Iran prison for a bit of "re-education" on how to NOT psuk with people’s computers.

I guess that living under Russian Comunism in Latvia for so long thatthat type of invasion of privacy was normal and expected.

That was a real insult! Most people’s blood would boil! However, even offensive words did not stop us from making another attempt to continue a civilized discussion:

Hi, hpguru and YoKenny

The 2-Spyware.com team as well as thousands of 2-Spyware.com visitors already made an opinion of the hpHOSTS project and so-called "security experts" supporting it.

First of all, I need to bring to hpguru’s notice the fact that Suzi has publicly apologized to one of the 2-Spyware.com representatives, and so did my colleague Jurgita. Please visit this thread on Spyware Warrior. Other reputable security professionals are aware of this fact and therefore have nothing against 2-Spyware.com. So, hpguru, next time you google, please do this carefully.

Secondly, the 2-Spyware.com team has doubts about the advantages of using the hpHOSTS Hosts File. Just look at the domains your file blocks:

adaware.com (Lavasoft Ad-Aware SE anti-spyware. That’s a real parasite?)
partypoker.com (One of the most popular poker rooms. Extremely dangerous, isn’t it?)
stopzilla.com (STOPzilla – legitimate security software)
intellitxt.com (These services are used by numerous legitimate sites like Bleeping Computer, IAmNotGeek, etc.)

It looks like using hpHOSTS Hosts File may severely complicate usual web surfing and prevent the user from visiting legitimate web sites including security-related resources.

Need more examples? Please read this article and our news post. Stand by for updates. We will publish them very soon.

We also have a little question for YoKenny, the hpHOSTS administrator. Does threatening other people just because they post on hpHOSTS forums look acceptable for you? Do we have to remind you of your own words? Here they are:

I wish that parasite would become a target of a suicide bomber but thatwould be too quick but I would rather they spend some time in an Iraqor Iran prison for a bit of "re-education" on how to NOT psuk with people’s computers.

I guess that living under Russian Comunism in Latvia for so long thatthat type of invasion of privacy was normal and expected.

Such worm words. I just have to take this as an insult. You might say that you have edited this fragment out. But let’s face the truth. It was in your post for quite a long time. YoKenny, I (SP2) am NOT Jurgita or Ugnius. hpguru knows my name. You should apologize for calling me a "parasite" and "a target of a suicide bomber".

SP2 and the 2-Spyware.com team

P.S. Lithuania is not the same as Latvia. These are two independent states in Europe. Proudly members of European Union.

As you can see, the 2-Spyware.com team didn’t speak in the same way as one foul-mouthed "security expert". Nevertheless, our last post was deleted without notice:

Removed for TOS violation.

This forum is not a venue for posting flames.

Moreover, so-called "security experts" have banned our colleague from the hpHOSTS forum. Now we as well as hundreds of thousands of Internet users in Lithuania are unable to access the hpHOSTS site directly without using proxy servers.

hpHOSTS "experts" showed their real faces. They are not professionals, but crude imposters, who will ban anyone for opinions different from their own. Their services do not actually help Internet users, but complicate their everyday web surfing and prevent them from accessing useful legitimate resources instead.

We encourage all 2-Spyware.com visitors to stop using the hpHOSTS hosts file and any other hpHOSTS services they provide. Boycott hpHOSTS!



  • Bora DURSUN

    Why bother that much?

    Just advise people to remove the entries belonging to the legit sites from the hosts. file. This can also be done by adding a # to the begining of the line.

    Eg:
    127.0.0.1 http://www.2-spyware.com
    becomes
    #127.0.0.1 http://www.2-spyware.com
    So, this line will be ignored.

    No proxies needed…

    Yet, I belive the removal process should be more easier as I, too, face some issues with the sites I use often…

  • jackson

    They pull the same crap over at WOT, don’t sweat it. It’s the same group of so called professionals that seem to have time to flag stuff to tune of like 12,000 sites yet somehow have to time to actually work in the industry.

    I was cross checking a few things and noticed that anytime the above mentioned flags something his cronies file in rank to astroturf the WOT ratings. Its quite a shame because WOT was a cool initiative but its frankly turning to crap quickly.

    Thanks for making a civil, fact based post about it. I never give much credence to folks who hide behind web monikers. They will get their rewards in due course.
    J.

  • Sam

    A lot of those websites sell rogue or de-listed rogue software.

Like us on Facebook
News
Subscribe
Ask us
Parasites
Tags
Files
What's your antispyware?
Compare