How To Block Adservers with Windows Hosts File

This DIY computer tweak is for the web and blog addicts on this site. (I resemble that remark.)  It will block most adservers and provide a happier, faster, and more secure websurfing and blogging experience.  This post was prompted by a conversation on another topic in which a community member mentioned he was having trouble with popups and ads on a link I provided.  I wrote this article a couple of weeks ago for another community.  Please read this whole thing and understand it before attempting it; you will be monkeying with Windows system files.

It all started this morning with a pre-caffeine accidental right click on a banner ad in that annoying popup Yahoo Messenger displays on startup. The following dialog appeared which I found to be particularly creepy:

Adobe Flash Player Settings: Privacy: Allow 2mdn.net to access your camera and microphone?

I don’t have either a camera or a microphone, but I didn’t have any idea that Flash Player could even do this. The 2mdn.net site looked pretty fishy, too, so I searched for it on DogPile. That was where the enlightenment began.Turns out that 2mdn.net is an adserver. And in amongst my search results was an independent ISPs page containing a sweet hack to disable adservers using the Windows hosts file. Here’s the link to that page: http://pgl.yoyo.org/adservers/index.php#how

The process was pretty straightforward for XP:

1.       I copied the text from this page: http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts;showintro=0

2.       I pasted the text into WordPad and saved it a text file on my desktop.

3.       I removed the .txt file extension manually.

4.       I found the hosts file at C:\Windows\system32\drivers\etc (the link on their page has an extra \drivers\in it).

5.       I opened the existing hosts file and examined it, comparing it to the one I had just out of paranoia:

# Copyright (c) 1993-1999 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

The last four lines (the two example lines and the actual entry for localhost) are what’s important. This validated the method they showed, so I’m now certain that I haven’t stumbled upon something malignant. Yeah, I’m paranoid, and my trust of stuff I find online about equals my trust of politicians (as in a large negative value). Below is a snippet of the file they provided:

127.0.0.1 24pm-affiliation.com

127.0.0.1 2log.com

127.0.0.1 2mdn.net

This shows all of the adservers being set to the same address as the localhost, not to their actual address. And there’s creepy old 2mdn.net. Happy day!

6.       I saved the old hosts file to my desktop as hosts_old as a backup just in case.

7.       Interestingly, at about this point, Windows Defender took notice of what I was doing. Windows Defender also didn’t like when I opened the new hosts file I had just created, either. Shows that WD works at least a little.  (NOTE:   I have since told WD to ignore changes to the hosts file and set a reminder for myself to check that file manually during weekly system maintenance.  Malware browser hijacks corrupt the hosts file.)

8.       Next, I dragged my new hosts file into C:\Windows\system32\drivers\etc, replacing the old file. You could just append the new stuff to the old file, I suppose. I also stuck the hosts_old backup file in there if I need it for future reference. WD didn’t like this either.

9.       I then ran the nbtstat –R command as recommended. See this page for more information: http://pgl.yoyo.org/adservers/news.php#nbtstatreload

10.   That was it. Off to test…YES! It blocks ads. Not all ads, particularly not from Akamai, but blocking Akamai is problematic because they serve real content, too.

February 01, 2007

5 comments

Viewed 1819 times

0

Keter's blog (6 posts)

Subscribe to this blog
Member since: 12/30/06
About: Modernist magician finishing out a long-neglected concrete lake house.  Could park a tank on the...

More by Keter

• Prev: DIY Cord & Charger Organize...
• Next: FLOR at Target Stores