I Just updated and when I tried to immunize, found that in the Windows section there is an item Global (Hosts) that shows 181 items unprotected along with 6367 that are protected.

Please refer to the attached .jpg .

I have tried Immunize several times to no avail.

Please advise if this indicates a problem in my system and what to do to get these items immunized.

I am running Firefox 2.0.0.7 and Spybot 1.5 on XP SP2 fully updated. In case it is of significance, my antivirus is Avira AntiVir PersonalEdition Premium.

I did look at the FAQ's before posting this, but what I found involved other operating systems.

Thanks in advance for any/all help and advice

Please see my suggestion in the following thread:
Hosts File Immunization, Redux
http://forums.spybot.info/showthread.php?t=18113

Thank you so much for your fast reply.

I went to your thread, followed the instructions exactly, and got the error message shown in the .jpg attached to this post.

Please advise what to do now--I am not an advanced user, so that error message left me confused

Please post the error you are getting!

Hi, Thanks again for getting back to me--the error is shown in the .zip file attached to my previous post.

It reads:
Cannot create file "C:\WINDOWS\System32\drivers\etc\hosts". The process cannot access the file because it is being used by another process.

Please advise how to resolve this

Are you running any other anti-malware programs besides Spybot-S&D that may be blocking access to the HOSTS file?

ZoneAlarm, STOPzilla and possibly other programs can block access to the HOSTS.

I am behind a hardware firewall called Alpha Shield, and a Linksys BEFSR41 router.

The only other anti-malware I run are SpySweeper and Pest Patrol.

I have been behind the firewall and router with both SpySweeper and Pest Patrol active for months and have not had a problem w/ immunizing till today.

I have a program called Unlocker that would let me delete the Hosts file on a reboot.

Should I try doing that and then follow your original instructions "Go into Spybot > Immunize > under Windows uncheck Global (Hosts). Go into Spybot > Mode > Advanced Mode > Tools > Hosts file > and then click on the "Add Spybot S&D hosts list" button. Go back into Spybot > Immunize, is everything immunized?"

Will wait to hear from you and thanks again

I decided to be a player---made an Acronis image of the drive, then deleted the hosts file and backups from System 32\drivers\etc.

I then followed your original instructions "Go into Spybot > Immunize > under Windows uncheck Global (Hosts). Go into Spybot > Mode > Advanced Mode > Tools > Hosts file > and then click on the "Add Spybot S&D hosts list" button."

I'm delighted to report that after performing the above procedure on both computers,everything showed up immunized, but this leads to some other related questions.

1. Through last Wednesday ( I look for and install Spybot updates because they come out weekly on Wed.) I had no problem w/ updating/immunizing on either of my 2 computers. Is it possible that a change in Spybot this week is causing the problem? Does this mean that from now on I'm going to have to weekly delete the old Hosts file before being able to immunize everything?

I do want to make it clear that I made no program changes on either computer since last Wed 9/12/07 that I would consider a cause of the problem. On one computer I uninstalled Norton Ghost because I now run Acronis True Image; I also uninstalled Trend Micro Antispyware.
On the other, I uninstalled VCOM System Suite, and installed Avira AntiVir PersonalEdition Premium (Trend Micro not installed on this one). I am running Pest Patrol and Spysweeper on both; as mentioned in a previous post I've been using that configuration for months w/ no Spybot updating/immunizing issues.
I'm not running any other anti-malware, although in case of need, both Hijack This and CWS Shredder are installed on both rigs. I have run full scans of C: on both computers with both Pest Patrol and SpySweeper; no issues were found

Please advise your thoughts re my above questions and warn me of anything I should be keeping a heads-up for in light of the immunizing anomaly. Thanks again for your time and help!

If the problem with the HOSTS file occurs again, I suggest that rather than delete the file you attempt to determine what is preventing Spybot from updating the file.

There is a utility that can determine who (what) might be using the HOSTS file. The utility is ProcessExplorer by Sysinternals (now part of Microsoft - Microsoft acquired Sysinternals in July, 2006).
Microsoft TechNet Windows Sysinternals
http://www.microsoft.com/technet/sysinternals/default.mspx
If you navigate through the various links (Process Utilities (http://www.microsoft.com/technet/sysinternals/Processesandthreadsutilities.mspx?wt.svl=featured) > Process Explorer (http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx) you will come to:
Process Explorer for Windows v11.0
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx
The download link for Process Explorer is:
Download Process Explorer (1.5 MB)
http://download.sysinternals.com/Files/ProcessExplorer.zip
If you download ProcessExplorer.zip, unzip/extract the files, you can then execute procexp.exe. In procexp.exe, if you click on the "Find" menu, select "Find Handle or DLL…", enter HOSTS in the "Handle or DLL substring" and then click the "Search" button, you may be able to determine what process is using the HOSTS file and preventing Spybot from updating it.

md usa spybot fan,

My apologies for taking so long to respond to your advice re Process Explorer ---was called out of town on family emergency.

I have had Process Explorer installed for a couple of years, but only had used it to the extent of seeing what was running on my system.

I followed your instructions:
"In procexp.exe, if you click on the "Find" menu, select "Find Handle or DLL…", enter HOSTS in the "Handle or DLL substring" and then click the "Search" button, you may be able to determine what process is using the HOSTS file and preventing Spybot from updating it."

Unfortunately, nothing showed up when I clicked "Search".

Please advise what other steps I can take to try and figure out what is going on.

My only plan for now is to wait for next Wednesdays updates, shut down Spysweeper before downloading them and immunizing, and see if that cures the problem --- I will advise you of the results of that effort when I do that.

Meanwhile, please respond with any other thoughts you may have regarding this matter.

Again, thanks for your greatly appreciated time and help, and my apologies for taking so long to respond!

Best regards, Peter

I Just updated and when I tried to immunize, found that in the Windows section there is an item Global (Hosts) that shows 181 items unprotected along with 6367 that are protected.

Please refer to the attached .jpg .

I have tried Immunize several times to no avail.

Please advise if this indicates a problem in my system and what to do to get these items immunized.

I am running Firefox 2.0.0.7 and Spybot 1.5 on XP SP2 fully updated. In case it is of significance, my antivirus is Avira AntiVir PersonalEdition Premium.

I did look at the FAQ's before posting this, but what I found involved other operating systems.

Thanks in advance for any/all help and adviceBe careful to check the ignore lists. I found three checked, two instances of CDilla, plus another which I've forgotten. Just check the all list and carefully look for checkmarks. This badware will not be checked by SSD, my question, why are these 3 items marked ignore by SSD from the factory?

b4dawn:

In Spybot 1.5 the products CDilla and SiteStep are ignored by default. See the following thread for more information:
Why are CDilla & SideStep checked in Ignore Products?
http://forums.spybot.info/showthread.php?t=336

Greetings md usa spybot fan et al.,

I am happy to report that shutting down SpySweeper before immunizing ( I actually shut it down even before searching for updates ) has eliminated the problem of not all items immunizing. Just to note , the one that was giving me the problem was the "Global Hosts" section.

Best regards, Peter