5711 still has false positive

  • Thread starter: Acadia
Acadia--I've now tested myself and I don't confirm that.

Can you double check the actual definition files present on your
machine--here's what they look like on mine:
-------------------------------------------------------------------------
04/21/2005 12:13 AM 2,309,022 gcThreatAuditScanData.gcd
04/22/2005 06:46 PM 1,320,692 gcThreatAuditThreatData.gcd

Detailed File Analysis
Display name: gcThreatAuditThreatData.gcd
Name: gcThreatAuditThreatData.gcd
Publisher: Unspecified
Path: D:\Program Files\Microsoft AntiSpyware\gcThreatAuditThreatData.gcd
Size: 1320692 bytes
Create date: Friday April 15, 2005
Access date: Saturday April 23, 2005
Modified date: Friday April 22, 2005

MD5: b14f9714dec123e0194f7febd9d09c57

Detailed File Analysis
Display name: gcThreatAuditScanData.gcd
Name: gcThreatAuditScanData.gcd
Publisher: Unspecified
Path: D:\Program Files\Microsoft AntiSpyware\gcThreatAuditScanData.gcd
Size: 2309022 bytes
Create date: Friday April 15, 2005
Access date: Saturday April 23, 2005
Modified date: Thursday April 21, 2005

MD5: 71790386817e73328e9cb157119e01cd
 
Bill-

I just downloaded 5711 and ran it and got FP again.

I don't know how to do a detailed file analysis, but the ThreatData file I
have is a few bytes larger.
CT
 
The detailed analysis is from Microsoft Antispyware, tools, advanced tools,
advanced file analyzer (Dang this program is advanced......)

I'd recommend deleting both definition files and watching to see what
happens.
 
Nevermind, I was using the old original version of Beta.
Once I installed the 1.0.509, then downloaded the 5711, all
is well.

Acadia
 
So I deleted both def files. Checked my program version ("1.0.509") and tried
update. So after 3 "updates" it rebuilt gcThreatAuditThreatData.gcd to the
stated size but not the same MD5:
Name: gcThreatAuditThreatData.gcd

Publisher: Unspecified

Path: C:\Program Files\Microsoft AntiSpyware\gcThreatAuditThreatData.gcd

Size: 1321840 bytes

Create date: Saturday April 23, 2005

Access date: Saturday April 23, 2005

Modified date: Thursday April 21, 2005

MD5: cb9b282afa7217e170b8f608279fafc2

; did not rebuild gcThreatAuditScanData.gcd which is a poor puny thing now:
Name: gcThreatAuditScanData.gcd

Publisher: Unspecified

Path: C:\Program Files\Microsoft AntiSpyware\gcThreatAuditScanData.gcd

Size: 578 bytes

Create date: Saturday April 23, 2005

Access date: Saturday April 23, 2005

Modified date: Saturday April 23, 2005

MD5: 1ff58fa64f36df5f1b5f671bc1384bce


Ran SCAN anyway - no FP - of course if your def file is a puny thing, maybe
there can't be a FP.

: ) CT
 
I wouldn't blame it on the old version--yours was one of 4 that I know of
that had similar problems. Glad you got it fixed.
 
So, after a night's sleep, running update rebuilt gcThreatAuditScanData.gcd.
However, I am unclear why it would be 239 bytes larger than Bill's file
(detail below). Full scan reports that it is "clean" and no FP. Other 2
machines also cleared the FP with successful 5711s from late last night.
They have the 239 byte larger gcThreatAuditScanData.gcd as well.

I noted a significant change in the update site's responsiveness this AM
from last PM. Instead of many hesitations, the update session this AM took
less than 1 minute (and seemed to fully utilize my cable connection for
once).

While 5709 might have had a FP, could the rest of the difficulties have been
caused or abetted by bad cache somewhere (if update to 5711 was only
partial? seemed so). If it is not a program issue or a definition issue, but
rather equipment or cache, how might we tell? It would be rather a waste of
"beta effort" (like my 4 hours) if it is a bad server or an incomplete
mirror refresh.

I raise this because of the difference in file size, the difference in the
checksum (I'm guessing that is what MD5 is - if I am wrong, please correct
me), the hesitations in the update routine, the breakdown in the file
refresh after I clobbered the 2 def files (see below about the 97 pound
weakling file I kept on getting).


Detailed File Analysis

Display name: gcThreatAuditScanData.gcd

Name: gcThreatAuditScanData.gcd

Publisher: Unspecified

Path: C:\Program Files\Microsoft AntiSpyware\gcThreatAuditScanData.gcd

Size: 2309261 bytes

Create date: Saturday April 23, 2005

Access date: Saturday April 23, 2005

Modified date: Friday April 22, 2005

MD5: e2fc466755d5ae4b6082a15fc31cb68e
 
Cycloid Torus said:
So, after a night's sleep, running update rebuilt
gcThreatAuditScanData.gcd. However, I am unclear why it would be 239 bytes
larger than Bill's file (detail below). Full scan reports that it is
"clean" and no FP. Other 2 machines also cleared the FP with successful
5711s from late last night. They have the 239 byte larger
gcThreatAuditScanData.gcd as well.

I noted a significant change in the update site's responsiveness this AM
from last PM. Instead of many hesitations, the update session this AM took
less than 1 minute (and seemed to fully utilize my cable connection for
once).

While 5709 might have had a FP, could the rest of the difficulties have been
caused or abetted by bad cache somewhere (if update to 5711 was only
partial? seemed so). If it is not a program issue or a definition issue,
but rather equipment or cache, how might we tell? It would be rather a
waste of "beta effort" (like my 4 hours) if it is a bad server or an
incomplete mirror refresh.

I raise this because of the difference in file size, the difference in the
checksum (I'm guessing that is what MD5 is - if I am wrong, please correct
me), the hesitations in the update routine, the breakdown in the file
refresh after I clobbered the 2 def files (see below about the 97 pound
weakling file I kept on getting).

I'm not ready to go back and dig into the nitty gritty of the file sizes and
checksums at this late date, I'm afraid. I think the point you raise is
important, and I suspect Microsoft and Giant before them are well aware of
it.

An antivirus app or antispyware app can be "attack surface" in a system if
the definition process can be subverted. Read some of the fuss surrounding
Trend Micro's definition problems over last weekend to see what can
happen--and in that case it was their own doing.

If the caches are causing the files to not be received properly, the update
shouldn't happen and the old definitions remain in force, I'd think--but I'm
not sure your evidence here indicates that as the current behavior.
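What the posters above are doing by hand, comparing the size and MD5 of each .gcd file against a known-good copy, is an integrity check: MD5 is a hash of the file's contents, so two copies with the same size but different MD5 values differ somewhere in their bytes. The script below is an added example for this thread, not code from the thread or from Microsoft AntiSpyware. It automates that check against a manifest of expected size, MD5 and SHA-256 per file, and it names the symptoms seen in the thread separately: a few-hundred-byte placeholder left by an interrupted refresh, a file that came back a different size, and a file of the right length whose contents nevertheless differ (which only the hash catches). SHA-256 is compared alongside MD5 because MD5 is no longer collision-resistant. The two gcThreatAudit*.gcd names are from the thread; the manifest values, the sample file contents and the example-*.gcd names are constructed for the demo.

```python
"""Integrity check for antispyware definition files against an expected manifest.

Added example for this thread, not code from the thread or from Microsoft
AntiSpyware.  Every sample file, manifest value and file name other than the
two .gcd names quoted in the thread is constructed here for the demo.
"""
import hashlib
import os
import tempfile

CHUNK = 1 << 16  # read 64 KiB at a time; real definition files run to megabytes


def digest_bytes(data):
    """(size, md5, sha256) of an in-memory blob; used here to build the manifest."""
    return len(data), hashlib.md5(data).hexdigest(), hashlib.sha256(data).hexdigest()


def digest_file(path):
    """(size, md5, sha256) of a file, hashed in chunks so it is never loaded whole."""
    md5, sha = hashlib.md5(), hashlib.sha256()
    size = 0
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            size += len(block)
            md5.update(block)
            sha.update(block)
    return size, md5.hexdigest(), sha.hexdigest()


def check_definitions(def_dir, manifest, min_size=1024):
    """Compare each manifest entry with the file on disk.

    manifest maps file name -> (expected size, expected md5, expected sha256).
    Returns file name -> one of 'ok', 'missing', 'stub', 'size-mismatch',
    'hash-mismatch'.  Size is checked before the hash so the cheap, visible
    symptoms (a placeholder of a few hundred bytes, a file that grew) get
    their own verdict; a same-length file with altered contents is only
    caught by the hash comparison.
    """
    verdicts = {}
    for name, (exp_size, exp_md5, exp_sha) in manifest.items():
        path = os.path.join(def_dir, name)
        if not os.path.isfile(path):
            verdicts[name] = "missing"
            continue
        size, md5, sha = digest_file(path)
        if size < min_size:
            verdicts[name] = "stub"            # interrupted refresh left a placeholder
        elif size != exp_size:
            verdicts[name] = "size-mismatch"   # different build, or partial download
        elif md5 != exp_md5 or sha != exp_sha:
            verdicts[name] = "hash-mismatch"   # same length, different bytes
        else:
            verdicts[name] = "ok"
    return verdicts


def demo():
    """Build constructed definition files plus a manifest and check them."""
    good_scan = b"SCAN" * 1000      # stands in for a known-good gcThreatAuditScanData.gcd
    good_threat = b"THREAT" * 1000  # stands in for a known-good gcThreatAuditThreatData.gcd
    good_aux = b"AUX" * 1000        # hypothetical extra definition file
    manifest = {
        "gcThreatAuditScanData.gcd": digest_bytes(good_scan),
        "gcThreatAuditThreatData.gcd": digest_bytes(good_threat),
        "example-tampered.gcd": digest_bytes(good_aux),   # hypothetical name
        "example-ok.gcd": digest_bytes(good_aux),         # hypothetical name
    }
    tampered = bytearray(good_aux)
    tampered[100] ^= 0xFF  # one byte flipped: length unchanged, hashes change

    with tempfile.TemporaryDirectory() as d:
        files = {
            # a refresh that never completed: a 578-byte placeholder, as in the thread
            "gcThreatAuditScanData.gcd": b"\x00" * 578,
            # a rebuilt copy that is 239 bytes longer than the reference copy
            "gcThreatAuditThreatData.gcd": good_threat + b"\x00" * 239,
            "example-tampered.gcd": bytes(tampered),
            "example-ok.gcd": good_aux,
        }
        for name, content in files.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(content)
        return check_definitions(d, manifest)


if __name__ == "__main__":
    for name, verdict in sorted(demo().items()):
        print(f"{verdict:14} {name}")
```

Pointing `check_definitions` at the real install directory with a vendor-published manifest gives a machine-checkable answer to the question raised in the thread (is the copy on disk the one the vendor shipped, or a partial or stale one), and the `stub` verdict catches the 578-byte case before a scan is ever run against it.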
 
I think that you may be correct, though I am still puzzled how one file
could update to 5711 and not the other (but it is a Beta, so I haven't
quarantined my entire computer), but I wish there was a way in which we
could really tell if the "cop on the beat" was real or not. Palladium seems
to be headed that way - if so, worth the cost of upgrade.
 
That's an interesting project indeed. I'd love to be part of a beta-test
for it, but the price of admission may be too high for me.
 