Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: HOSTS File Entries

  1. #1
    Member Koosharem's Avatar
    Join Date
    Feb 2011
    Location
    Northern Utah, USA
    Posts
    30

    Question HOSTS File Entries

    This is the "fourth level of protection" provided by SB S&D. The associated description of this function in "Tools" has a sentence that begins "If you decide to use that [this] function, . . ." implies the user needs to take some action to turn it "on".

    Also, in the HELP entry associated with the Hosts File Tool, a sentence begins with: "Spybot-S&D can add a prepared list of web sites known for bad behaviour . . ." This list appears to be the one displayed when you select the Tool.

    My question is, has SB already added this list to my HOSTS file (and it is shown in the Tools Section so I can edit it conveniently)? If so, is this "fourth level" in place and functioning?

  2. #2
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,483

    Default

    Yes,if you see a long list of entries with destination address 127.0.0.1 under Tools->Hosts,then that is most likely the entries Spybot added to the Hosts file,and the "Fourth Level" is (most likely) in place and functioning.

    At the time that "How Spybot-S&D protects against the installation of Spyware/Malware" was written,adding the Spybot entries to the Hosts file was done solely from the Hosts File section of Spybot,as I recall,and only more "advanced" users usually used it.

    Since then adding the list to the Hosts file has been included as part of Spybot's immunization.If you click Immunization,then scroll down to the Windows section,right below that you should see Global (Hosts).If there is a number similar to 14825 under Protected,then the list of bad sites have been added to the Hosts file by Spybot,and the "Fourth Level" is in place and functioning.hth.

  3. #3
    Senior Member
    Join Date
    May 2009
    Posts
    236

    Default

    The large section of entries SpyBot Search & Destroy adds to the hosts file will start with the line at the top

    # Start of entries inserted by Spybot - Search & Destroy

    and have this line at the bottom.

    # End of entries inserted by Spybot - Search & Destroy

    Any hosts file lines that the user wants to add should be added below the line

    127.0.0.1 localhost

    and # Start line listed above.

  4. #4
    Member Koosharem's Avatar
    Join Date
    Feb 2011
    Location
    Northern Utah, USA
    Posts
    30

    Default HOSTS File Entries

    Zenobia -- Thanks for clarifying this. I went to the Immunize Page, and down to Windows/Global (hosts). Yes, the "Protected" entry there is exactly 14,825. So, I we're "good to go" with the SB S&D list of "loop-backs"/blockers.

    I noticed, after clicking on "Immunize" to open that page, the immunize process started, and progress was illustrated with the "green bar". When complete, the "tally" in the upper-right corner of the page showed 301,272 protected! Why is this so much greater than that shown under "Global (hosts)?? And, why is there so much repetition of the number "14,825" (and several others) in results for IE (3 groups) and Firefox (1 group)

    Gopher John -- Thank you for your Post also. I found my way down the folder-chain (C:\Windows\System32\Drivers\Etc\Hosts) and opened the list in Notepad. Sure enough, there was the SB S&D-added "blocker" list! And, I understand your remark that any "user add-ons" should be entered on lines between the start and end of the SB list.

    Later

  5. #5
    Senior Member
    Join Date
    May 2009
    Posts
    236

    Default

    Quote Originally Posted by Koosharem View Post
    Gopher John -- Thank you for your Post also. I found my way down the folder-chain (C:\Windows\System32\Drivers\Etc\Hosts) and opened the list in Notepad. Sure enough, there was the SB S&D-added "blocker" list! And, I understand your remark that any "user add-ons" should be entered on lines between the start and end of the SB list.

    Later
    It is imperative to keep any lines that you add outside the ones that SpyBot S&D's immunizations adds, so that they aren't removed during re-immunization.
    Put them between the LocalHost line and the # Start line.

  6. #6
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,483

    Default

    Quote Originally Posted by Koosharem
    I noticed, after clicking on "Immunize" to open that page, the immunize process started, and progress was illustrated with the "green bar".
    Actually,when you click on Immunize,the immunization process doesn't start.It's more or less a check that Spybot does automatically when opening the immunize page.You will see similar results if you click the Check Again button.
    To Immunize,you have to click the Immunize button with the green cross beside it.
    If you see 0 beside Unprotected in the upper right corner,you should have full Immunization,though.

    The total number in the upper-right corner is so much greater than the one shown down beside Global (Hosts) because that is the total number of items Spybot is protecting against.

    As for why there is so much repetition of the number "14,825" and others in results for IE and Firefox,I do not know.But my best guess is that may be the list of known bad things to the programmers,so that is the amount Immunized in the different areas.
    Last edited by Zenobia; 2011-02-25 at 07:00.

  7. #7
    Member Koosharem's Avatar
    Join Date
    Feb 2011
    Location
    Northern Utah, USA
    Posts
    30

    Smile HOSTS File Entries

    Zenobia & Gopher John

    Gopher John -- Thanks for catching my misunderstanding! A "little voice" did have me a bit concerned about getting "User Adds" mixed up with the SB list. But, I didn't realize what the consequence would be! So, "User Adds" go betweenthe "Local Host line" and the SB "# Start lline". Got it!

    Zenobia -- Thanks for the clarification on what happens by clicking the Immunize "Shield" (Left Side-Panel) and the "Green Cross" (Tool Bar on Immunize Page). That has always puzzled me! I've only recently been using the "Green Cross" because I noticed it always reduced the "Unprotected" to zero -- and that had to be a GOOD THING!

    And, OK on "the numbers". The "Totals" are big numbers and the "Unprotected" are zero, and that works for me!!

    Later

  8. #8
    Junior Member
    Join Date
    Jan 2013
    Location
    Long Island, NY
    Posts
    3

    Default What About the Same 15,000+ Entries to the Windows Registry?

    In my recent Spybot S&D immunization, I received 15,490 entries on Spybot's Localhost List.

    After checking for some of those domains in my Windows XP Pro Registry, I found that the ZoneMap and P3P folders contained these same entries (or so it appears).

    Does Spybot S&D also place these 15,000+ domains in the Windows Registry?

  9. #9
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,483

    Default

    Yes,it does place most or all of those domains in the registry.
    The reason why is explained a little bit here under the paragraph about immunization:
    http://forums.spybot.info/showthread...pyware-Malware

  10. #10
    Junior Member
    Join Date
    Sep 2013
    Posts
    2

    Default

    Quote Originally Posted by Zenobia View Post
    Yes,it does place most or all of those domains in the registry.
    The reason why is explained a little bit here under the paragraph about immunization:
    http://forums.spybot.info/showthread...pyware-Malware
    Zenobia, I found the bloated hosts file because I was tracking down the cause for a 94%+ cpu usage by my dns
    client service. as soon as i deleted all of these entries, my computer rose out of the bog. please elucidate.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •