O
OldBoy
Just got it.
OldBoy
OldBoy
G
Guest
Still has same false positive, plus the same 5807 defs keep downloading evey
time you check for an update.
time you check for an update.
B
Bill Sanderson
Thanks!--this is a rev to correct the false positive in 5805.
G
Guest
I have the same problem about constant updating from 5805 to 5807. This has
been an ongoing problem and one would think after THIS LONG with this same
problem MS would fix it but I guess I am wrong as it happens over & over &
over!!
been an ongoing problem and one would think after THIS LONG with this same
problem MS would fix it but I guess I am wrong as it happens over & over &
over!!
R
Randy Knobloch
Bill Sanderson said:
The false-positive being...
Randy
--
siljaline
MS - MVP Windows (IE/OE) & Security, AH-VSOP
_________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31
Reply to group, as return address
is invalid that we may all benefit.
G
Guest
Miraculously fixed itself - same 5807 defs.
Barry said:
B
Bill Sanderson
Some essential components of several Symantec Corporate Antivirus versions
are being identified as PWS.Banco.A
--
are being identified as PWS.Banco.A
--
B
Bill Sanderson
When it wasn't fixed, the 5807 definition update was incomplete. Some of
the indicators of the version in place or success of the update are
inaccurate.
--
the indicators of the version in place or success of the update are
inaccurate.
--
G
Guest
I just downloaded the latest 5807 and it is still mis identifying Symantec
Corporate Edition v10 and chewing up the Symantec registry. Which effectively
kills the Symantec AV RTVscan. It prevents savrt32.dll from launching.
How about a clean definition file ?? I am getting tired of having to
reinstall AntiVirus on my test box.
Corporate Edition v10 and chewing up the Symantec registry. Which effectively
kills the Symantec AV RTVscan. It prevents savrt32.dll from launching.
How about a clean definition file ?? I am getting tired of having to
reinstall AntiVirus on my test box.
R
Randy Knobloch
Bill Sanderson said:
Thanks!
Randy
--
siljaline
MS - MVP Windows (IE/OE) & Security, AH-VSOP
_________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31
Reply to group, as return address
is invalid that we may all benefit.
G
Guest
Just downloaded 5807 but the thing says 160/158, then when I do it again it
goes to 158/158 and then back to the 160/158. Man this is annoying...
goes to 158/158 and then back to the 160/158. Man this is annoying...
B
Bill Sanderson
This is going to bug a bunch of people this time around because of the false
positive.
My advice: If you are certain what you are seeing is the false positive,
set it to ignore.
I would also, at this point, not knowing in what time zone you are, or when
your machine(s) might do an unattended scan--that you avoid having an
unattended scan happen, if possible, until you are certain the definitions
have properly updated. I don't know what the default action for this bug
is, but it might well be one that will involve disabling Symantec Corporate
antivirus.
--
positive.
My advice: If you are certain what you are seeing is the false positive,
set it to ignore.
I would also, at this point, not knowing in what time zone you are, or when
your machine(s) might do an unattended scan--that you avoid having an
unattended scan happen, if possible, until you are certain the definitions
have properly updated. I don't know what the default action for this bug
is, but it might well be one that will involve disabling Symantec Corporate
antivirus.
--
G
Guest
Well I finally got the newest version, then did a deep scan, and so far it
detected nothing about Nortons. I will watch it for a few days and if I see
that false positive thing, I will ignore it and probably uninstall the MAS. I
never downloaded the One Care thing, and now have no intensions of doing it,
as I feel this Microsoft thing isn't running as smoothly as people hoped it
would. JMHO
detected nothing about Nortons. I will watch it for a few days and if I see
that false positive thing, I will ignore it and probably uninstall the MAS. I
never downloaded the One Care thing, and now have no intensions of doing it,
as I feel this Microsoft thing isn't running as smoothly as people hoped it
would. JMHO
P
plun
Hi Bill
I must laugh to this.......
Well, MS testbed again and/or beta users (who are they ?) ?!
If anyone did something equal with a MS program, MS strangled them
regards
plun
I must laugh to this.......
Well, MS testbed again and/or beta users (who are they ?) ?!
If anyone did something equal with a MS program, MS strangled them
regards
plun
B
Bill Sanderson
Can you check some details for me?
Compare Help, about, Diagnostics results with the lines below, and tell me
if you see the same info for every line?
------------------------
Definitions Increment Version: 160/160
Definitions ThreatAuditThreatData: 1355029
Definitions ThreatAuditScanData: 3098970
Definitions DeterminationData: 806390
------------------------
My present take is that the definitions are properly fixed, but that the
flakey updating process in beta1 is causing the results we are seeing--but I
need some more data points.
--
Compare Help, about, Diagnostics results with the lines below, and tell me
if you see the same info for every line?
------------------------
Definitions Increment Version: 160/160
Definitions ThreatAuditThreatData: 1355029
Definitions ThreatAuditScanData: 3098970
Definitions DeterminationData: 806390
------------------------
My present take is that the definitions are properly fixed, but that the
flakey updating process in beta1 is causing the results we are seeing--but I
need some more data points.
--
B
Bill Sanderson
Well--there'll be lots of Microsoft people and Symantec people at next weeks
RSA conference--we'll see whether they are able to be in the same rooms
without fights breaking out.......
<G>
--
RSA conference--we'll see whether they are able to be in the same rooms
without fights breaking out.......
<G>
--
B
Bill Sanderson
Perry and Barry--until the 5807 definitions are fully in place, you will
likely still see the false positive. You are quite correct that this is an
old problem. It will go away with beta2, which I expect quite soon--but it
is biting us at the moment with this quick definition switch.
If you have a caching server on your network, ask that the cache be flushed.
Otherwise, retrying file, check for updates is what I recommend.
--
likely still see the false positive. You are quite correct that this is an
old problem. It will go away with beta2, which I expect quite soon--but it
is biting us at the moment with this quick definition switch.
If you have a caching server on your network, ask that the cache be flushed.
Otherwise, retrying file, check for updates is what I recommend.
--
P
Pen
For whatever it's worth, I get those numbers here in central
Pennsylvania.
Pennsylvania.
G
Guest
Bill, those are the numbers I have also, but saw a post from someone with
different numbers. Wow, this update has caused alot of headaches.
different numbers. Wow, this update has caused alot of headaches.
B
Bill Sanderson
If you get those numbers and are not seeing the false positive, you're in
good shape--
Bill--in eastern PA.
--
good shape--
Bill--in eastern PA.
--