Iffy Immunisation?

P

Peter_Mac

New member
Hi,

Problem is this:

When I click on "Immunise" a message is displayed saying that "3368 problems are now blocked" BUT if I click on "check again", it comes up with a message that "3362 problems are blocked, 6 additional protections possible - please immunise". I then click on "Immunise" again only to have a repeat of this.

The problem is that this goes on in an endless cycle. Any Ideas?!

(I should say that Spybot works perfectly on my computer - but another one that I'm using has this flaw.)

Thanks.
 
Last edited:
Is the system that has this flaw running Windows 98, 98SE or ME?

There is a bug in the way Spybot 1.4 is counting the immunization. On Windows 98, 98SE and ME systems you get six (6) items that show as unimmunized. If you are getting the following message on a Windows 98, 98SE or ME system, it is normal although not correct:
  • Warning
    xxxx bad products already blocked, 6 additional protections possible. Please immunize.
    OK
Note: I don’t recognize the figure 3362 in the following:
  • Warning
    3362 bad products already blocked, 6 additional protections possible. Please immunize.
    OK
What operating system is that system running and what is the version and update level of Spybot is on that system? Go into Spybot > Help > About and check the following:
  • Spybot - Search & Destroy 1.???
    Latest detection update: 2006-??-??
It should read:
  • Spybot - Search & Destroy 1.4
    Latest detection update: 2006-10-27
 
md usa spybot fan said:
Is the system that has this flaw running Windows 98, 98SE or ME?

There is a bug in the way Spybot 1.4 is counting the immunization. On Windows 98, 98SE and ME systems you get six (6) items that show as unimmunized. If you are getting the following message on a Windows 98, 98SE or ME system, it is normal although not correct:
  • Warning
    xxxx bad products already blocked, 6 additional protections possible. Please immunize.
    OK
Click to expand...



I also have this issue but it is 12 detections not 6 and my machine is running win 2k, interestingly I have this issue with only one local user on a machine with 5 users! all others get fully immunised


I have also seen these that appear to have similar problem
* Immunize problem in 1.4 ?
http://forums.spybot.info/showthread.php?t=271
* Can't fully immunize
http://forums.spybot.info/showthread.php?t=517

have tried emailing the problem in but I think I am confusing things for help desk

this is the first time I have seen this issue and have been a spybot user for a number of years now

suggs
 
suggs:

I really don't what specifically causes the six (6) items to show as un-immunized or why it shows up as twelve (12) at times on Windows 98, 98SE and ME systems. It is not however a problem normally reported on Windows 2000 systems.

Since there is a discrepancy among the users on the same system, I suspect that the user that has the problem does not have full access to all the registry hives where Spybot immunizes.

I believe that immunization count on a Windows 2000 system should be 6143 after the 2006-11-10 updates. What is the count in the warning message that you are getting for the user that does not appear to be fully immunized?
  • Warning
    ???? bad products already blocked, 12 additional protections possible. Please immunize.
    OK
 
Last edited:
I get

6131 bad products already blocked, 12 additional protections possible. Please immunise.

I have actually tried deleting the user and removing documents and settings folder of that user. The issue remains after I have recreated the user with the same user name. The user is a member of the "power user" group other users of that group have no issue.

cheers
 
suggs:

I should just say "Suffice it to say that there are defects in the immunization counting in Spybot-S&D 1.4" and leave it at that. I am truly hesitant to post the following because I am afraid that it may raise more questions than it answers about immunization counts, but here goes.

With a count of 6131 that user account is fully protected and I still don't know what causes the appearance of the 12 unprotected entries or the extra 12 entries on the accounts that appear to be fully immunized.

With the updates of 2006-11-10, Spybot is actually blocking 963 ActiveX processes, 136 cookies, adding 2348 sites to the restricted zone by domain and adding 64 sites to the restricted zone by zone (IP Address). If you add that up you get 3511 (963 + 136 + 2348 + 64 = 3511).

So were does the 6131 come from? Spybot immunizes the same entries in multiple registry hives and counts the additional entries in most by not all cases (another immunization counting anomaly).

In a Windows 2000 system immunization is done in the following registry hives:
  • ActiveX Blocking
    Code: 
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility]
  • Cookie Blocking
    Code: 
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History]
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History]
  • Restricted Zone by Domain (Site Name)
    Code: 
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
  • Restricted Zone by Range (IP Address)
    Code: 
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
Immunization counts (Windows 2000):
  • ActiveX Blocking – 963 times 1 registry hive = 963
  • Cookie Blocking – 136 times 3 registry hives = 408
  • Restricted Site (by Domain) - 2348 times 2 registry hives = 4696
  • Restricted Site (by Range) - 64 times 1 registry hive = 64 (it appears that instead counting restricted site by range entries for each registry hive they are immunized in (2) they are only counted once)
963 + 408 + 4696 + 64 = 6131

That leaves the Mystery Six (6) or on a Windows 2000 system:
  • Mystery Six (6) - 6 times 2 registry hives = 12
963 + 408 + 4696 + 64 + 12 = 6143

The counts on my Windows XP system are:
  • ActiveX Blocking – 963 times 1 registry hive = 963
  • Cookie Blocking – 136 times 6 registry hives = 816
  • Restricted Site (by Domain) - 2348 times 5 registry hives = 11740
  • Restricted Site (by Range) - 64 times 1 registry hive (although it should be times 5) = 64
  • Mystery Six (6) - 6 times 5 registry hives = 30
963 + 816 + 11740 + 64 + 30 = 13613
 
Last edited:
understand the math but am still concerned why only one user sees this.

If it is was an off by one error and all users saw it I could understand it but the one user thing makes me think it is something windows side that can cause/affect this issue?

cheers
 
You must log in or register to reply here.
Back
Top