New Bug Spybot Anti-Beacon Plus 5.4.7 doesn't write to HOSTS file on Windows Server 2022

T

Tinkerski

New member
Software Version
5.4.7
Operating System
Windows 10 (64 bit)
Just purchased a new license for Spybot Anti-Beacon Plus and installed it on a new Windows Server 2022 (21H2) OS setup. (Windows 10 x64 based.)

It runs, every time it shows that it's checking everything and says it is protected. No errors are generated.

But, the HOSTS file is empty. It writes nothing there. (C:\Windows\System32\drivers\etc\hosts)

I've checked it repeatedly... while Anti-Beacon Plus is running, right after it scans and reports that everything is protected, after it closes, etc.

The HOSTS file isn't touched at any point.

So, that implies that the program is not working or protecting anything while it reports that it is working and protecting everything.

That's not good. It shouldn't work like that.
 
AI (Google Gemini Pro 3.1 with DeepThink) (strongest Available, can still make stuff up):

gemini.google.com

‎Gemini - direct access to Google AI

Created with Gemini
gemini.google.com gemini.google.com



Some notes:

Look for recent blocked threats. You will almost certainly see an entry for SettingsModifier:Win32/HostsFileHijack"
Click to expand...

There wasn't



Connected User Experiences and Telemetry (formerly DiagTrack). Anti-Beacon should have set its Startup Type to Disabled
Click to expand...

I don't have this service



Check Windows Firewall: Open Windows Defender Firewall with Advanced Security. Click on Outbound Rules. You should see several new rules explicitly blocking outbound traffic to specific Microsoft IP ranges that were created by Anti-Beacon.
Click to expand...

I see no such entries



Unlike consumer versions of Windows 10/11 (which ignore this command), Windows Server legally allows you to completely turn off Diagnostic Data natively via Group Policy. Anti-Beacon usually flips this key for you, but you should verify it:

1) Press Win + R, type gpedit.msc, and hit Enter.

2) Navigate to: Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds.

3) Double-click Allow Diagnostic Data.

4) Set it to Enabled, and in the drop-down options, select 0 - Diagnostic data off (or "Security").
Click to expand...

Windows Server legally allows you
Click to expand...
(lol)

This policy was not enabled. I enabled it and selected option 0.
 
I guess I just want to know...

If Spybot Anti-Beacon is not modifying the HOSTS file anymore, then how can I confirm that it's really working? How do I test it? Where is it blocking? If it's not HOSTS, and it's not Windows Firewall, then where?
 
You must log in or register to reply here.
Back
Top