HOSTS File Entries

[Koosharem]

This is the "fourth level of protection" provided by SB S&D. The associated description of this function in "Tools" has a sentence that begins "If you decide to use that [this] function, . . ." implies the user needs to take some action to turn it "on".

Also, in the HELP entry associated with the Hosts File Tool, a sentence begins with: "Spybot-S&D can add a prepared list of web sites known for bad behaviour . . ." This list appears to be the one displayed when you select the Tool.

My question is, has SB already added this list to my HOSTS file (and it is shown in the Tools Section so I can edit it conveniently)? If so, is this "fourth level" in place and functioning?

[Zenobia]

Yes,if you see a long list of entries with destination address 127.0.0.1 under Tools->Hosts,then that is most likely the entries Spybot added to the Hosts file,and the "Fourth Level" is (most likely) in place and functioning.

At the time that "How Spybot-S&D protects against the installation of Spyware/Malware" was written,adding the Spybot entries to the Hosts file was done solely from the Hosts File section of Spybot,as I recall,and only more "advanced" users usually used it.

Since then adding the list to the Hosts file has been included as part of Spybot's immunization.If you click Immunization,then scroll down to the Windows section,right below that you should see Global (Hosts).If there is a number similar to 14825 under Protected,then the list of bad sites have been added to the Hosts file by Spybot,and the "Fourth Level" is in place and functioning.hth.

[Gopher John]

The large section of entries SpyBot Search & Destroy adds to the hosts file will start with the line at the top

# Start of entries inserted by Spybot - Search & Destroy

and have this line at the bottom.

# End of entries inserted by Spybot - Search & Destroy

Any hosts file lines that the user wants to add should be added below the line

127.0.0.1 localhost

and # Start line listed above.

[Koosharem]

Zenobia -- Thanks for clarifying this. I went to the Immunize Page, and down to Windows/Global (hosts). Yes, the "Protected" entry there is exactly 14,825. So, I we're "good to go" with the SB S&D list of "loop-backs"/blockers.

I noticed, after clicking on "Immunize" to open that page, the immunize process started, and progress was illustrated with the "green bar". When complete, the "tally" in the upper-right corner of the page showed 301,272 protected! Why is this so much greater than that shown under "Global (hosts)?? And, why is there so much repetition of the number "14,825" (and several others) in results for IE (3 groups) and Firefox (1 group)

Gopher John -- Thank you for your Post also. I found my way down the folder-chain (C:\Windows\System32\Drivers\Etc\Hosts) and opened the list in Notepad. Sure enough, there was the SB S&D-added "blocker" list! And, I understand your remark that any "user add-ons" should be entered on lines between the start and end of the SB list.

Later

[Gopher John]

Gopher John -- Thank you for your Post also. I found my way down the folder-chain (C:\Windows\System32\Drivers\Etc\Hosts) and opened the list in Notepad. Sure enough, there was the SB S&D-added "blocker" list! And, I understand your remark that any "user add-ons" should be entered on lines between the start and end of the SB list.

Later

It is imperative to keep any lines that you add outside the ones that SpyBot S&D's immunizations adds, so that they aren't removed during re-immunization.
Put them between the LocalHost line and the # Start line.

[Zenobia]

I noticed, after clicking on "Immunize" to open that page, the immunize process started, and progress was illustrated with the "green bar".

Actually,when you click on Immunize,the immunization process doesn't start.It's more or less a check that Spybot does automatically when opening the immunize page.You will see similar results if you click the Check Again button.
To Immunize,you have to click the Immunize button with the green cross beside it.
If you see 0 beside Unprotected in the upper right corner,you should have full Immunization,though.

The total number in the upper-right corner is so much greater than the one shown down beside Global (Hosts) because that is the total number of items Spybot is protecting against.

As for why there is so much repetition of the number "14,825" and others in results for IE and Firefox,I do not know.But my best guess is that may be the list of known bad things to the programmers,so that is the amount Immunized in the different areas.