Bad checksum on download of updates to spybot

[news.rcn.com]

Does anyone know what "Bad checksum" on downloading of updates to spybot
means?

I pressed on a link in a spoof email QUESTION FROM EBAY MEMBER which did
nothing

Which tends to mean that it very definitely did SOMETHING in the background,
otherwise they wouldn't have sent the email and now spybot doesn't download
updates. Is this a recognised trojan yet?

(Updated NAV found nothing when I did this or generally when the email came
in)

 

[YoKenny]

Does anyone know what "Bad checksum" on downloading of updates to
spybot means?

The site is very buzy.

Try a different download site.

 

[Shane]

Does anyone know what "Bad checksum" on downloading of updates to
spybot means?

I pressed on a link in a spoof email QUESTION FROM EBAY MEMBER which
did nothing

What typically happens with the eBay phishing e-mails is the link takes you
to a spoof web page. Spybot S&D will almost certainly block access to such
known pages. If you've got SD Helper set to block silently I expect nothing
would appear to happen.

Which tends to mean that it very definitely did SOMETHING in the
background, otherwise they wouldn't have sent the email and now
spybot doesn't download updates. Is this a recognised trojan yet?

If you think it's a trojan then submit it to SARC, but I doubt it's any more
than the same old eBay phishing scam.

Bad checksum errors when attempting to update Spybot are quite common these
days, usually solved by trying several times (each time you hit Check For
Updates it tries a different server), or by trying later.

I wasn't able to get the latest Spybot updates via the GUI regardless of
time of day, server, or indeed, Windows version. Personally I'm getting fed
up with Spybot updating and immunizing issues in recent months.

Here's the link to manually update:
http://www.spybotupdates.com/updates/files/spybotsd_includes.exe


Shane

 

[ryan weihl]

Does anyone know what "Bad checksum" on downloading of updates to
spybot means?

I pressed on a link in a spoof email QUESTION FROM EBAY MEMBER which
did nothing

Which tends to mean that it very definitely did SOMETHING in the
background, otherwise they wouldn't have sent the email and now
spybot doesn't download updates. Is this a recognised trojan yet?

(Updated NAV found nothing when I did this or generally when the
email came in)

there is one site in the US that I get CRC errors on, the other
site is ok.
rw

 

[ComPCs]

Personally I'm getting fed up with Spybot updating
and immunizing issues in recent months

Likewise, and I now prefer to use the online scanner at Trend Micro.

 

[Art]

Personally I'm getting fed
up with Spybot updating and immunizing issues in recent months.

Why are you interested in Spybot's immunize, may I ask? I see no
point in it for alternate browser users who have the alternate
browser set as the system default.

Art

http://home.epix.net/~artnpeg

 

[ComPCs]

Why are you interested in Spybot's immunize, may I ask? I see no
point in it for alternate browser users who have the alternate
browser set as the system default.

'cos sometimes, albeit rarely these days, there is a need to view a site
in IE.

I view different sites in IE simply because I am an amateur web
developer who needs to view different sites in different browsers for a
variety of different reasons.

Subsequently, despite the fact I have in place an armoury of protection,
and can fight my own corner 'cos in the main I know what i'm doing,
those extra layers make me feel a whole lot more secure.

 

[news.rcn.com]

Well I wasnt THAT worried as it didnt take me to a site where I had to enter
my personal ID details but I still thought that it MIGHT be some trojan
which is suddenly active but known.

(Apparently not)

What is it supposed to do then if it isnt trying to harvest information or I
suppose that is what Spybot has silently blocked?

Anyway thanks guys, Spybot has now downloaded from a different site and I
dont appear to have anything (except for obvioously informing me whenever it
does a scan that I have a hardware firewall and dont need to have XP
continuously nag me to turn the firewall and antivirus on)

 

[Shane]

Well I wasnt THAT worried as it didnt take me to a site where I had
to enter my personal ID details but I still thought that it MIGHT be
some trojan which is suddenly active but known.

Not sure I follow degrees of worry one might have a trojan. If one suspects
it, one ought to prove it one way or the other.

Shane

 

[Art]

'cos sometimes, albeit rarely these days, there is a need to view a site
in IE.

I view different sites in IE simply because I am an amateur web
developer who needs to view different sites in different browsers for a
variety of different reasons.

Subsequently, despite the fact I have in place an armoury of protection,
and can fight my own corner 'cos in the main I know what i'm doing,
those extra layers make me feel a whole lot more secure.

I tried it and wound up locked out of IE security settings. Couldn't
get riid of the lockout via the means suggested in Help. Wound up
uninstalling Spybot and using ERUNT to restore registry, then
reinstalling Spybot. This was on Win 2K Pro. Looks to like Spybot
is buggy in this regard.

Art

http://home.epix.net/~artnpeg

 

[news.rcn.com]

It is just a worry about what these guys are doing sending these pieces of
mail which dont seem to do anything or advertise anything


When I press on a button and nothing happens, I start worrying but it may
just be some element of paranoia.

 

[Alan Pollock]

Why are you interested in Spybot's immunize, may I ask? I see no
point in it for alternate browser users who have the alternate
browser set as the system default.

Except for Opera (an excellent default browser imho), at least according to
Sypbot 1.4's immunization menu. Nex

 

[Shane]

Why are you interested in Spybot's immunize, may I ask? I see no
point in it for alternate browser users who have the alternate
browser set as the system default.

I use IE quite a lot, Art. At least as much bugs me about Firefox as IE and
as ComPCs says, I too use plenty enough sites that work best in IE.

I do a lot of my surfing laid back, using a wireless mouse and don't like
that Firefox's built in Google requires hitting the Enter key of a keyboard.

Also I mostly use XP SP2 - which has IE 6.0 SP2 (with popup blocker and
other enhancements. When I'm not testing IE 7.0, that is, which also has
tabbed browsing and anti-phishing and other stuff I haven't investigated
yet).

I don't use Spybot's bad download blocker or Tea Timer (I don't even know
what *that* one is!), just Immunize, which as far as I know just puts
certain sites in Restricted Zone.

I think there's no great need to set Firefox as default browser with all the
other security enhancements in place. Experience hasn't shown a need to do
so and whenever I've set Firefox as default I've rapidly got annoyed with
it. I do use it a lot, but prefer IE as default. With Spybot,
Spywareblaster, IE-Spyad, Restricted Zone maxed out, Install On Demand
(both) disabled, a custom Cookie Handling .xml file, drag and drop disabled,
and all the MS patches, I don't have many qualms about using IE.


Shane

 

[Shane]

I tried it and wound up locked out of IE security settings. Couldn't

get riid of the lockout via the means suggested in Help. Wound up
uninstalling Spybot and using ERUNT to restore registry, then
reinstalling Spybot. This was on Win 2K Pro. Looks to like Spybot
is buggy in this regard.

What, *just* Immunize?


Shane

 

[Shane]

I use IE quite a lot, Art. At least as much bugs me about Firefox as

IE and as ComPCs says, I too use plenty enough sites that work best
in IE.

Actually, ComPCs didn't say that, did he!

Whatever!


Shane

 

[Art]

What, *just* Immunize?

Not sure since I had been trying all of the optinal settings.

Art

http://home.epix.net/~artnpeg

 

[Art]

I use IE quite a lot, Art. At least as much bugs me about Firefox as IE and
as ComPCs says, I too use plenty enough sites that work best in IE.

I've had just a few problems with page rendering using Mozilla lately.
Even the Virus Total results come up ok now.

I do a lot of my surfing laid back, using a wireless mouse and don't like
that Firefox's built in Google requires hitting the Enter key of a keyboard.

Also I mostly use XP SP2 - which has IE 6.0 SP2 (with popup blocker and
other enhancements. When I'm not testing IE 7.0, that is, which also has
tabbed browsing and anti-phishing and other stuff I haven't investigated
yet).

I don't use Spybot's bad download blocker or Tea Timer (I don't even know
what *that* one is!), just Immunize, which as far as I know just puts
certain sites in Restricted Zone.

I think there's no great need to set Firefox as default browser with all the
other security enhancements in place. Experience hasn't shown a need to do
so and whenever I've set Firefox as default I've rapidly got annoyed with
it. I do use it a lot, but prefer IE as default. With Spybot,
Spywareblaster, IE-Spyad, Restricted Zone maxed out, Install On Demand
(both) disabled, a custom Cookie Handling .xml file, drag and drop disabled,
and all the MS patches, I don't have many qualms about using IE.

Since I shun IE as much as possible, I have no need for additional
security enhancements for it. I just use it if I'm pretty sure the web
site is ok.

The reason I insist on Moz being the default browser is clickable
links. I often follow links on newsgroups to alleged dangerous sites.
And that might mean one of the unpatched IE vulnerabilities. I just
see no point in using IE, especially since CERT has advised strongly
to use a alternate browser.

Art

http://home.epix.net/~artnpeg

 

[Shane]

I think there's no great need to set Firefox as default browser with

Since I shun IE as much as possible, I have no need for additional
security enhancements for it. I just use it if I'm pretty sure the web
site is ok.

Fair enough, but besides a little time checking for updates - which, of
course someone will always notify the groups - it isn't much effort, so why
not do it anyway?

The reason I insist on Moz being the default browser is clickable
links. I often follow links on newsgroups to alleged dangerous sites.
And that might mean one of the unpatched IE vulnerabilities.

In that case I open FF and copy the link into it.

I just
see no point in using IE, especially since CERT has advised strongly
to use a alternate browser.

Is this going on Microsoft's track record; the assumption of many more
as-yet-undiscovered vulnerabilities? While I don't think you do this, it
seems to me that the impression many give who cite this assumption is of
alternative browsers not also being vulnerable. Luckily people also notify
the groups of the latest FF patch (new build). But only FF of the
alternatives, of course.

My recommendation to users is usually to use Firefox as default, but I know
that many users will simply not get on with it and revert to IE, so I try to
get them to do what I have done. Which gets back to my personally hardening
'as much as I can get away with' other people's machines - add to the above
list installing Kerio 2.1.5 and setting the rules up and/or closing
unnecessary ports - that is what I do.


Shane

 

[Shane]

Not sure since I had been trying all of the optinal settings.

Yeah, Spybot's not too transparent. I do only really consider the Immunize
feature safe. Or, indeed, useful! But of Spybot users I seem to be the only
one who only uses Immunize, so I can only speak for my preferences and not
really as an advocate of the software. On the ME groups I'm probably the
only one with stuff like Install On Demand disabled. Much of it - and
related progs - are about protecting against browser hijacking
(incidentally, add BHODemon to the list in the other thread. Forgot that
one!) which to me is irrelevent. I sometimes think my compadres would be
like kids in a candy store except it would imply they know what they're
doing. In the extremely unlikely event I ever get caught, I'll remove the
hijacker manually.

I'd be interested in opinions on IEMD:
http://www.jsware.net/jsware/iemd.php3 which incidentally requires scripting
enabled to run.


Shane

 

[Shane]

I'd be interested in opinions on IEMD:

http://www.jsware.net/jsware/iemd.php3 which incidentally requires
scripting enabled to run.

I enjoys Joe's rants. Food for thought. He crystallises my distrust of
Microsoft. And why 'Windows Genuine Advantage Suckers' has nothing to do
with piracy and everything to do with gullibility.

I should add that I think it highly unlikely I'll ever buy another version
of Windows. I've about given up on Linux ever being user-friendly. When ME
and XP no longer work, I'll probably just go back to riding the lanes and
walking the hills.

Shane