Sign in with
Sign up | Sign in
Your question

SpyBot 4.0/Hosts File?

Last response: in Computer Brands
Share
Anonymous
June 16, 2005 4:50:49 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Just upgraded to SpyBot Version 4.0.3 (Build 363) , as soon as it loaded
I got an error "hosts file is too large"

Did about an hour of Google, and am more confused than I was when I started.

I am also running WinPatrol v. 9.1

1. Is it time to panic.

2. In Winpatrol options tab, I have ticked Detect Changes to Internet
Explorer Home and Search Pages, and Warn if changes are made to my HOSTS
file. I also have ticked lock HOSTS file. Is all OK at this point?

3. In all of the google searches there seemed to be a lot of info about
deleting the host file, uninstall SpyBot, clear the host file etc. etc. This
seems like it is a bit over the top.

4. Should I try to uninstall the update, and go back to the previous version
and wait for SpyBot to fix this?

5. It seems some users replace there hosts file by using a download. Is this
advisable?

6. Any other suggestions?

Thanks
Bob

More about : spybot hosts file

Anonymous
June 16, 2005 7:33:03 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Leanin' Cedar wrote:

> Just upgraded to SpyBot Version 4.0.3 (Build 363) , as soon as it loaded
> I got an error "hosts file is too large"
>
> Did about an hour of Google, and am more confused than I was when I started.
>
> I am also running WinPatrol v. 9.1
>
> 1. Is it time to panic.
>
> 2. In Winpatrol options tab, I have ticked Detect Changes to Internet
> Explorer Home and Search Pages, and Warn if changes are made to my HOSTS
> file. I also have ticked lock HOSTS file. Is all OK at this point?
>
> 3. In all of the google searches there seemed to be a lot of info about
> deleting the host file, uninstall SpyBot, clear the host file etc. etc. This
> seems like it is a bit over the top.
>
> 4. Should I try to uninstall the update, and go back to the previous version
> and wait for SpyBot to fix this?
>
> 5. It seems some users replace there hosts file by using a download. Is this
> advisable?
>
> 6. Any other suggestions?
>
> Thanks
> Bob
>
>
Well first off, how large of a file is your hosts file? By default it
is located at C:\WINDOWS\system32\drivers\etc\hosts. You may want to
rename that file to say hosts.bak and create a new file with the
following contents: 127.0.0.1 localhost

I'm presuming you are on a home machine and don't rely on your hosts
file for any particular app.
Anonymous
June 16, 2005 7:33:04 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

> Well first off, how large of a file is your hosts file? By default it is
> located at C:\WINDOWS\system32\drivers\etc\hosts. You may want to rename
> that file to say hosts.bak and create a new file with the following
> contents: 127.0.0.1 localhost
>
> I'm presuming you are on a home machine and don't rely on your hosts file
> for any particular app.

while my home network has its own DNS, I still have a massive hosts file.
Its there incase the popup blockers dont do thier job, which occasionally
happens. Everything in there points to 127.0.0.1

tedious at times, but useful.

- NuTs
Related resources
Anonymous
June 16, 2005 10:07:04 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

NuTCrAcKeR wrote:
>>Well first off, how large of a file is your hosts file? By default it is
>>located at C:\WINDOWS\system32\drivers\etc\hosts. You may want to rename
>>that file to say hosts.bak and create a new file with the following
>>contents: 127.0.0.1 localhost
>>
>>I'm presuming you are on a home machine and don't rely on your hosts file
>>for any particular app.
>
>
> while my home network has its own DNS, I still have a massive hosts file.
> Its there incase the popup blockers dont do thier job, which occasionally
> happens. Everything in there points to 127.0.0.1
>
> tedious at times, but useful.
>
> - NuTs
>
>
I do that for big offenders, but in general between Mozilla and AdBlock
it's not much of an issue. I do use a few URL shortcuts for when I ssh
into my school's mail server, etc.
Anonymous
June 16, 2005 2:06:38 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Nicholas Andrade" <sdnick484@nospam.yahoo.com> wrote in message
news:p p6se.29351$J12.3671@newssvr14.news.prodigy.com...
> Well first off, how large of a file is your hosts file? By default it is
> located at C:\WINDOWS\system32\drivers\etc\hosts. You may want to rename
> that file to say hosts.bak and create a new file with the following
> contents: 127.0.0.1 localhost
>
> I'm presuming you are on a home machine and don't rely on your hosts file
> for any particular app.

Yes, I am on a home machine and only user.

I have the following;
hosts 49KB 4/16/2005 2:53 AM
hosts.20040721-085236.backup 1KB 8/18/2001 5:00 AM
hosts.20050416-025318.backup 49KB 2/23/2005 7:22 PM
Imhosts.sam 4KB 8/18/2001 5:00 AM
networks 1KB 8/18/2001 5:00 AM
protocol 1KB 8/18/2001 5:00 AM
services 7KB 12/15/2003 6:12 PM


the first few entries in the hosts file
127.0.0.1 localhost
# start of entries inserted by spybot - search & destroy
127.0.0.1 coolwwwsearch.com
127.0.0.1 coolwebsearch.com
everything is preceded by 127.0.0.1


Bob
Anonymous
June 16, 2005 2:06:39 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Leanin' Cedar wrote:
> "Nicholas Andrade" <sdnick484@nospam.yahoo.com> wrote in message
> news:p p6se.29351$J12.3671@newssvr14.news.prodigy.com...
>> Well first off, how large of a file is your hosts file? By default
>> it is located at C:\WINDOWS\system32\drivers\etc\hosts. You may
>> want to rename that file to say hosts.bak and create a new file with
>> the following contents: 127.0.0.1 localhost
>>
>> I'm presuming you are on a home machine and don't rely on your hosts
>> file for any particular app.
>
> Yes, I am on a home machine and only user.
>
> I have the following;
> hosts 49KB 4/16/2005 2:53 AM
> hosts.20040721-085236.backup 1KB 8/18/2001 5:00 AM
> hosts.20050416-025318.backup 49KB 2/23/2005 7:22 PM
> Imhosts.sam 4KB 8/18/2001 5:00 AM
> networks 1KB 8/18/2001 5:00 AM
> protocol 1KB 8/18/2001 5:00 AM
> services 7KB 12/15/2003 6:12 PM
>
>
> the first few entries in the hosts file
> 127.0.0.1 localhost
> # start of entries inserted by spybot - search & destroy
> 127.0.0.1 coolwwwsearch.com
> 127.0.0.1 coolwebsearch.com
> everything is preceded by 127.0.0.1
>
>
> Bob

You have too many programs that modify the hosts file, IMO. SpyBot,
when Immunizing your computer, inserts its current list of bad actors
into the hosts file; presumably all of your other programs do the same.
The result is an ever-growing list containing many duplicates supplied
by several different programs. Not only that, but SpyBot has the same
functionality (presumably) as WinPatrol. You should review your need
for duplication of effort.

If I were you, I would rename the current hosts file and decide to use
one reputable monitoring program to control it. SpyBot would be my
choice (Immunize) with downloading a pre-built hosts from a reputable
source as second. Frankly, I would dump WinPatrol in favor of SpyBot
since WP simply duplicates SB's functionality.

Software firewalls normally contain popup blocking capability. The
hosts file, IMO, is the wrong source for popup control. There is no
humanly possible way to keep on top of the ever-changing URL's used by
popups. I would never run without a software firewall of some repute.
I use Outpost, but there are many other decent firewalls.

Q
Anonymous
June 16, 2005 7:35:14 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Quaoar" <quaoar@tenthplanet.net> wrote in message
news:aOOdnROG-fIvGizfRVn-gw@comcast.com...
> Leanin' Cedar wrote:

> You have too many programs that modify the hosts file, IMO. SpyBot, when
> Immunizing your computer, inserts its current list of bad actors into the
> hosts file; presumably all of your other programs do the same. The result
> is an ever-growing list containing many duplicates supplied by several
> different programs. Not only that, but SpyBot has the same functionality
> (presumably) as WinPatrol. You should review your need for duplication of
> effort.
>
> If I were you, I would rename the current hosts file and decide to use one
> reputable monitoring program to control it. SpyBot would be my choice
> (Immunize) with downloading a pre-built hosts from a reputable source as
> second. Frankly, I would dump WinPatrol in favor of SpyBot since WP
> simply duplicates SB's functionality.
>
> Software firewalls normally contain popup blocking capability. The hosts
> file, IMO, is the wrong source for popup control. There is no humanly
> possible way to keep on top of the ever-changing URL's used by popups. I
> would never run without a software firewall of some repute. I use Outpost,
> but there are many other decent firewalls.
>
> Q


Something for me to consider. My understanding was that spybot updated the
host file, and winpatrol was simply trying to alert me if something was
changing the hosts file.

I believe the problem is based in the new version of SpySweeper, since there
was not any error message about the hosts file being too large before the
new version. but that is why I am trying to gather info.

Does WinPatrol update the host file, or just monitor it?

Thanks for any help
Bob
Anonymous
June 18, 2005 1:55:25 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Leanin' Cedar wrote:
> "Quaoar" <quaoar@tenthplanet.net> wrote in message
> news:aOOdnROG-fIvGizfRVn-gw@comcast.com...
>> Leanin' Cedar wrote:
>
>> You have too many programs that modify the hosts file, IMO. SpyBot,
>> when Immunizing your computer, inserts its current list of bad
>> actors into the hosts file; presumably all of your other programs do
>> the same. The result is an ever-growing list containing many
>> duplicates supplied by several different programs. Not only that,
>> but SpyBot has the same functionality (presumably) as WinPatrol. You
>> should review your need for duplication of effort.
>>
>> If I were you, I would rename the current hosts file and decide to
>> use one reputable monitoring program to control it. SpyBot would be
>> my choice (Immunize) with downloading a pre-built hosts from a
>> reputable source as second. Frankly, I would dump WinPatrol in
>> favor of SpyBot since WP simply duplicates SB's functionality.
>>
>> Software firewalls normally contain popup blocking capability. The
>> hosts file, IMO, is the wrong source for popup control. There is no
>> humanly possible way to keep on top of the ever-changing URL's used
>> by popups. I would never run without a software firewall of some
>> repute. I use Outpost, but there are many other decent firewalls.
>>
>> Q
>
>
> Something for me to consider. My understanding was that spybot
> updated the host file, and winpatrol was simply trying to alert me if
> something was changing the hosts file.
>
> I believe the problem is based in the new version of SpySweeper,
> since there was not any error message about the hosts file being too
> large before the new version. but that is why I am trying to gather
> info.
> Does WinPatrol update the host file, or just monitor it?
>
> Thanks for any help
> Bob

I don't know about WinPatrol, but now you've mentioned Spy Sweeper also.
I would dump all but Spybot (it can lock your hosts file, lock out
browser hijacks), and get a NAT router with Stateful Packet Inspection
and other security even if you have only one computer. It will be much
simpler and far easier to control.

Q
June 20, 2005 9:58:34 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Thu, 16 Jun 2005 00:50:49 GMT, "Leanin' Cedar" <Nospam@nospam.org>
wrote:

>Just upgraded to SpyBot Version 4.0.3 (Build 363) , as soon as it loaded
>I got an error "hosts file is too large"
>



Did you read the help file, check their web site or google this
question?

Can't say for sure but why not just eliminate all these overlapping
softwares and reinstall each one on a different day. This might find
what software is causing it to get too large or the reinstalling
process will make everything fresh and smaller to start.
Anonymous
June 20, 2005 12:26:10 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Leanin Ceder,
Check the following site, and scroll down to the posting by siliconman01:

http://www.wilderssecurity.com/showthread.php?p=482838

The application you are talking about is not SPYBOT: S&D, but SPYSweeper. It
seems that there is an issue with the HOSTS file and the program.

--

Rich/rerat

(RRR News) <message rule>
<<Previous Text Snipped to Save Bandwidth When Appropriate>>



<Rob> wrote in message news:ls7db1pruft27qblaau0n0g50pqrsjrt9v@4ax.com...
On Thu, 16 Jun 2005 00:50:49 GMT, "Leanin' Cedar" <Nospam@nospam.org>
wrote:

>Just upgraded to SpyBot Version 4.0.3 (Build 363) , as soon as it loaded
>I got an error "hosts file is too large"
>



Did you read the help file, check their web site or google this
question?

Can't say for sure but why not just eliminate all these overlapping
softwares and reinstall each one on a different day. This might find
what software is causing it to get too large or the reinstalling
process will make everything fresh and smaller to start.
Anonymous
June 21, 2005 4:16:02 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

You are right. The google searches I have done have been on spysweeper. That
is a link I had previously visited.
there are some real convoluted solutions out there.
I wrote a ticket and just got this response from SpySweeper

"Solution: Starting with Spy Sweeper Version 4.0, you may receive
this message if your Hosts file has too many entries for the Hosts File
Shield to support. If you receive this message, you will not be able to
turn on your Hosts File Shield until you reduce the number of entries or
size in your Hosts file. We implemented this check with Version 4.0
because our Threat Research team indicated that a very large Hosts file
(requiring thousands of DNS or Domain Name Service look-ups) has a
negative impact on your Windows performance and that of Spy Sweeper. "

Since the size of my hosts file is 49KB, I reopened the ticket and asks what
the solution might be and if 49KB is too large.

The entries in the hosts file are from spybot

127.0.0.1 localhost
# start of entries inserted by spybot - search & destroy
127.0.0.1 coolwwwsearch.com
127.0.0.1 coolwebsearch.com


Too much spy-this and spy-that

I currently have WinPatrol monitoring changes in my hosts file.

Thanks
Bob

"RRR_News" <nospam@isp.com> wrote in message
news:o pudnYxDU8x-KCvfRVn-rg@comcast.com...
> Leanin Ceder,
> Check the following site, and scroll down to the posting by siliconman01:
>
> http://www.wilderssecurity.com/showthread.php?p=482838
>
> The application you are talking about is not SPYBOT: S&D, but SPYSweeper.
> It
> seems that there is an issue with the HOSTS file and the program.
>
> --
>
> Rich/rerat
>
> (RRR News) <message rule>
> <<Previous Text Snipped to Save Bandwidth When Appropriate>>
>
>
>
> <Rob> wrote in message news:ls7db1pruft27qblaau0n0g50pqrsjrt9v@4ax.com...
> On Thu, 16 Jun 2005 00:50:49 GMT, "Leanin' Cedar" <Nospam@nospam.org>
> wrote:
>
>>Just upgraded to SpyBot Version 4.0.3 (Build 363) , as soon as it loaded
>>I got an error "hosts file is too large"
>>
>
>
>
> Did you read the help file, check their web site or google this
> question?
>
> Can't say for sure but why not just eliminate all these overlapping
> softwares and reinstall each one on a different day. This might find
> what software is causing it to get too large or the reinstalling
> process will make everything fresh and smaller to start.
>
>
Anonymous
June 21, 2005 11:43:42 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

<ben_myers_spam_me_not @ charter.net (Ben Myers)> wrote in message
news:42b808b2.278314@nntp.charter.net...
> How about Spybot + Ad-Aware? Nneither is intrusive and together they seem
> to
> identify 99.9% of the pests. Both have frequent updates... Ben Myers
>


<snip>


Yep. Toss in MS anti-spyware for real-time registry changes, startup items
or unwanted (adware/spyware) program installs, and that should do it.


Stew
Anonymous
June 22, 2005 3:14:24 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:4gUte.117219$lQ3.15175@bignews5.bellsouth.net...
>
> Yep. Toss in MS anti-spyware for real-time registry changes, startup
> items or unwanted (adware/spyware) program installs, and that should do
> it.
>
>
> Stew
http://www.bbspot.com/News/2005/01/microsoft_antispywar...

I may not download this one right away LOL

Bob
!