attempted host file change

I got an alert from spysweeper that spywareterminator was trying to change my host files. Blocked as was not sure? What does it mean? It happened just after a scan where nothing was found

 

"Trying to change", or "trying to access"?
I've never had the hostsfile change when using ST.
ST has an option called "immunize", similar to Spybot's or SpywareBlaster's, I think, do you have that active? ST running realtime or demand?
ST also is able to guard the Hosts File, maybe that is what was being registered?

 

I don't know if 'spywareterminator' is a trustworthy program (and who knows, maybe it is but you have some rogue program that calls itself 'spywareterminator' ?).

If it is trustworthy, maybe you should just let the Spy Sweeper allow what spywareterminator wants to do ... unless the programs are in some way incompatible. You CAN get problems if you use two antispyware programs.

 

There are two "spyware terminators''.
One is a non-rogue, from Crawler, and is trustworthy.
The other is from Invender nl, and is on the rogue list. (see here, about a third way down the page.
The only apparent difference is the spelling: SpywareTerminator for the former, Spyware Terminator (note the space) for the latter.

[Edit] X-posted with above.

 

I have the Crawler ST . It tried to change the host file yes. Where is the immunise function, do I have to have web secirity guard to have that? Ok found it and it says immunised 5187/5187 immunise button is greyed out

 

OK, david, as a test, hit the "de-immunize" button, see if Spysweeper pops a warning. Then (if no response) try immunizing again.
I have no idea as to whether the immunity function affects the Hostsfile or not. I think it's more likely it will affect the registry.
This test might indicate the answer.

 

Did that. I got 'immunized 2158/5187 If you want to immunize all remaining items just run the immunize feature.'

I clicked on immunize- now not greyed out- and got 'system immunization complete' box to which clicked OK

No reaction from SS

 

OK. It's not that, then. (Although it is a bit strange it didn't de-immunize all items. Repeat attempts may be worthwhile. Got any other immunities active?)

All I can suggest is to run another scan and if it happens again take a snapshot, or copy the exact warning that appears. If ST is realtime (and Spysweeper obviously is) you may be looking at a software confliction, which is possibly best handled at SS and/or ST support.

 

SpywareBlaster

 

If you are happy to, and you may want to research how many/which sites each provides immunity to, I'd be inclined to disable one of them. If you're confident in the hostsfile being comprehensive and up to date, you may want to disable both. Only reason; too many (different) immunity protocols can slightly slow down web browsing...more exclusions to process before a page is displayed.
Doesn't address your issue, though.
Which Hostsfile are you using?

 

I do not understand that

 

Did. problem this time

 

The hostsfile is part of the browser system, associated with DNS, I believe. It's empty by default. If you install a Hostsfile (I use the MVPS Hostfile, managed by a program called Hostsman) it blocks known bad sites.
It would seem by your reply that you have default settings, which is fine, just wanted to establish that.
Still no closer to answering the OP, sorry.

 

Yes mine is empty. Sorry I did not know the correct term for it but there is nothing there only this text

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

 

Same problem?
Or did you mean "No problem this time"?
If problem, any chance of seeing the wording of the warning?

 

Re Hosts File, some info for you.
I believe, but am not sure, that having this active pretty much negates the need for SpywareBlaster etc. MVPS dot org

 

No problem sorry

 

That is like spyad is it?

 

A bit. Spyad AFAIK only works in IE. It works by setting the browser permissions to "restricted" for certain sites, much as SpywareBlaster does.
The MVPS hostsfile prevents the page from loading, or in the case of certain ads, prevents them from being included on the page.