Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: SpyBot 1.5 Questions...

  1. #1
    Junior Member
    Join Date
    Jan 2008
    Posts
    24

    Question SpyBot 1.5 Questions...

    Alright, I have been using SpyBot for ages now, but after installing 1.5 upon performing my yearly format, I noticed that SpyBot will hang when first started, showing no status bar or anything, eat up 50% or more CPU, and after about ten to twenty seconds, start normally and stop eating CPU. This happens on both XP Pro x64 and on regular XP Pro 32bit. I have it on my 64bit laptop, 64bit desktop, and 32bit desktop. All do this. Is this a bug or something else?

    My next question is about the protections for IE, both the blocked cookie sites and the hosts file. If you ad more than a few hundred entries to the hosts file, the system can be slow and unresponsive on low-end machines. The "fix" for this is to disable the DNS client service, but in doing so won't you essentially bypass the hosts file since you'll be getting DNS info from your router or ISP?

    Also, why are there still sites in the blocked cookies list if you can add them to the hosts file and block them completely? Is there a specific reason for blocking in IE's sites list and if so, what is it?

    That leads me to my next and final question. I have been using IE in Windows since the initial release years ago. However, when in Linux (Debian for me) I use Firefox and like it much more. My reason for not using it in Windows is due to SpyBot being oriented towards IE. However, with your recent usage of the hosts file, anything in said hosts file blocks for the entire system, which would include FF. However, you block specific sites in the registry for IE (the sites list in IE), but FF also has a sites list and unless it is different in Windows, it is in a file in the user's private directory tree. All SpyBot needs to protect FF as well as IE at this point would be a simple check to see if FF is installed and then check the "hostperm.1" file to see if those sites are in it, and if not, add them to it. At that point those sites would be blocked for cookies alone, just like in IE. In Linux, the file is in "$HOME/.mozilla/firefox/<hash>.default/", which would probably wind up being something like "Documents and Settings\UserName\Local Settings\Mozilla" in Windows, or possibly "All Users" instead of one user name to block it for all users. Being a programmer myself, I know that writing to a file is easier than the registry (at least in C/C++), so why after all this time is FF left out of the cookie protection?

    *EDIT*

    I added a few of the blocked sites on IE from my Windows machine to FF on my laptop while in Linux, and thought I'd display how simple it is to add support for FF. Again, I am not sure where the "hostperm.1" file is under Windows, but finding it should be cake.
    Code:
    host	install	1	update.mozilla.org
    host	cookie	2	180solutions.com
    host	cookie	2	gator.com
    host	cookie	2	lop.com
    host	cookie	2	revenue.net
    host	cookie	2	atdmt.com
    host	install	1	addons.mozilla.org
    host	cookie	2	advertising.com
    host	cookie	2	engage.com
    host	cookie	2	2every.net
    As you can see, to block cookies from a site, you simple insert "host cookie 2 <site>" into the file. The install lines were placed there by FF, so I wouldn't remove them!
    Last edited by Sephiroth; 2008-01-06 at 00:50.

  2. #2
    Member
    Join Date
    Feb 2007
    Location
    Belgium
    Posts
    61

    Default

    Hello,
    for the first point
    <http://forums.spybot.info/showthread.php?t=22265>

  3. #3
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    Sephiroth:

    Quote Originally Posted by Sephiroth View Post
    My next question is about the protections for IE, both the blocked cookie sites and the hosts file. If you ad more than a few hundred entries to the hosts file, the system can be slow and unresponsive on low-end machines. The "fix" for this is to disable the DNS client service, but in doing so won't you essentially bypass the hosts file since you'll be getting DNS info from your router or ISP?
    DNS Client service caches DNS lookups. Without it running it does not bypass the HOSTS file.

    From:

    The effects of running the DNS Client service

    There are several minor differences in system behavior depending on whether the DNS Client service is started:
    • Parsing of the "hosts" file: The lookup functions read only the hosts file if they cannot off-load their task onto the DNS Client service and have to fall back to communicating with DNS servers themselves. In turn, the DNS Client service reads the "hosts" file once, at startup, and only re-reads it if it notices that the last modification timestamp of the file has changed since it last read it. Thus:
      • With the DNS Client service running: The "hosts" file is read and parsed only a few times, once at service startup, and thereafter whenever the DNS Client service notices that it has been modified.
      • Without the DNS Client service running: The "hosts" file is read and parsed repeatedly, by each individual application program as it makes a DNS lookup.


    • The effect of multiple answers in the "hosts" file: The DNS Client service does not use the "hosts" file directly when performing lookups. Instead, it (initially) populates its cache from it, and then performs lookups using the data in its cache. When the lookup functions fall back to doing the work themselves, however, they scan the "hosts" file directly and sequentially, stopping when the first answer is found. Thus:
      • With the DNS Client service running: If the "hosts" file contains multiple lines denoting multiple answers for a given lookup, all of the answers in the cache will be returned.
      • Without the DNS Client service running: If the "hosts" file contains multiple lines denoting multiple answers for a given lookup, only the first answer found will be returned.



    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  4. #4
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    Sephiroth:

    Quote Originally Posted by Sephiroth View Post
    Also, why are there still sites in the blocked cookies list if you can add them to the hosts file and block them completely? Is there a specific reason for blocking in IE's sites list and if so, what is it?
    Firstly, because some people not use a HOSTS file. Secondly, because you may what to block the storing of a cookie from a site but not place other restrictions on the site nor prevent access to the site altogether.

    Take excite.com for example. Both Spybot and SpywareBlaster block the storing of cookies from excite.com but do not place the site in the restricted zone. Nor does Spybot add excite.com to it's HOSTS file.

    Quote Originally Posted by Sephiroth View Post
    That leads me to my next and final question. I have been using IE in Windows since the initial release years ago. However, when in Linux (Debian for me) I use Firefox and like it much more. My reason for not using it in Windows is due to SpyBot being oriented towards IE. …
    Have you tried Spybot's Firefox immunization?

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  5. #5
    Junior Member
    Join Date
    Jan 2008
    Posts
    24

    Exclamation

    Is the FF immunization in the advanced options? I have not tried it because I did not see anything mentioning FF on the main screens, although I may just be blind! Does the FF immunization block the cookie sites and hosts sites using the hostperm.1 file or some other method?

  6. #6
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    Firefox immunization is part of normal immunization starting with Spybot 1.5. Go into Spybot > Immunize (not part of "Advanced mode" options).

    Note the second screen shot in the following:

    ps: All squared away on your other questions?
    Last edited by md usa spybot fan; 2008-01-06 at 23:46.

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  7. #7
    Junior Member
    Join Date
    Jan 2008
    Posts
    24

    Arrow

    Only two, and one is to clarify. SpyBot now protects FF just as well as IE, including adding sites to the FF blocked sites list, correct?

    The other is whether or not it protects FF for all users, or only the admin running SpyBot? I expect the answer to be the current user only, since FF (from what I gathered on the FF forum) has the major security issue of not having a global (all users) list of blocked sites that only an admin can modify. So does SpyBot block bad sites for everybody, or just the user running SpyBot?
    QuadCore 3.0GHz (1333MHz FSB), 8GB DDR3/1333MHz (Dual-Channel), Dual nVidia GTX295 2GB VRAM, SB X-Fi Gamer PCI-E
    P4/3.20GHz HT (800MHz FSB), 2GB DDR/400MHz (Dual-Channel), nVidia7800GS 256MB, Audigy II w/4.1 Speakers

  8. #8
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,247

    Default

    Yes,Spybot does now protect FF.Spybot uses the hostsperm.1 file to block unwanted cookies,popups,Images,Installs using the method you mentioned in your first post.Here's a very small bit of the entries in my hostsperm.1 file added by Spybot(it's actually a really huge list in there,too big for me to post.)

    # Permission File
    # This is a generated file! Do not edit.

    host install 2 search.netzany.co
    host popup 2 search.netzany.co
    host image 2 search.netzany.co
    host install 2 1shoppingcart.com
    host popup 2 1shoppingcart.com
    host image 2 1shoppingcart.com
    I believe Spybot just immunizes the current user when applying Immunization for FF,and not for everybody.But,if you or the other User log into their account and Immunize FF,the entries should be added to the hostperm.1 file for their account.

  9. #9
    Junior Member
    Join Date
    Jan 2008
    Posts
    24

    Default

    That's what I thought, thanks. I guess I can't switch to FF in Windows yet, due to lack of global blocking (this is a FF issue, NOT a SpyBot issue) and slow-downs when using a large list of blocked sites. Maybe 3.0 will fix these two issues.

    By the way, nice avatar. I love panthers and other large cats.
    QuadCore 3.0GHz (1333MHz FSB), 8GB DDR3/1333MHz (Dual-Channel), Dual nVidia GTX295 2GB VRAM, SB X-Fi Gamer PCI-E
    P4/3.20GHz HT (800MHz FSB), 2GB DDR/400MHz (Dual-Channel), nVidia7800GS 256MB, Audigy II w/4.1 Speakers

  10. #10
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,247

    Default

    Thanks,me too.

    I've never had slowdown problems with FF since immunizing with Spybot,but I've read of a lot of other people having that problem.If you experience slowdowns from the large amount of entries in the hostsperm.1 file,you could unimmunize whatever you choose,and leave FF immunized for whatever you'd like to keep.For example,you could unimmunize Images,Installations and Popups,and just leave Cookies immunized,if you'd prefer to just block cookies,and that would cut down on the number of entries in the hostperm.1 file.To make that easier,if you rightclick in the immunization window,you can deselect all,then just individually checkmark the ones you'd like to unimmunize,then hit Undo.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •