MSAS

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I see this a lot in posted messages what does MSAS stand for? I am new at
this stuff and need all the help I can get. I like this site alot
 
MSAS became Windows Defender. (-;

--
Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!
 
Menno said:
Or... MSAS became Windows Defender. )-:
Depending on how you look at it.
Click to expand...

Optimistically, I like to think Windows Defender will soon revert back
to MSAS :-)
....
 
ANONYMOUS said:
And why would this be? Anything you liked in MSAS that is not in
WD?
Click to expand...

Yes. WD disabled my cable connection. It is full of bugs - more than
there were in MSAS. I'd expect any software going from Beta 1 to Beta
2 to be: 1- less buggy; 2- more stable; 3-more intuitive to use;

I can live without MD. I cannot do without my connection. (QED)
 
Can you say more about that? What specifically was the order of events:

1) install Windows Defender.
(is the cable connection still working)
2) update and scan
Did you remove anything on the scan?

Is the cable connection still working?

If the connectivity break is caused by removal of spyware, or by a false
postive for some component of your networking hardware, this is definitely
something that needs to get fixed--can you help by supplying some info?

--
 
Bill

Installing the WD did not itself cause any problems. WD appeared to be
running normally.
It scanned, then my cable connectivity disappeared. I re-booted, the
connectivity was still not there.
I did a 'system restore' to an earlier version - all was well. I
re-installed WD, same problem.
That was enough for me. I uninstalled WD and re-installed MSAS.

(I did this sequence more than a couple of months ago now. Exactly
what was removed - if anything - is no longer something I rememeber.
Unfortunatley I am not willing to try it again until July 31st. (I
know there has been an engine upgrade and many definition updates in
the meantime - but no doubt
there will be many more until July.) If I have the same problems in
July it will be a case of '2 strikes and your out!'.

Sorry I cannot provide any more details - what was detected and what
removed. I do remember I had selected the option 'confirm before
remove', but that is all.

--
Kes




message
 
I can understand your reluctance to try this again soon!

Loss of network connectivity as a consequence of malware removal is a known
side-effect of both antivirus and antispyware removal. There's a kb article
about this for Microsoft Antispyware. Each new generation of the product
has been changed to lessen the occurrence of this side-effect but it does
still exist.

On XP, SP2, fortunately, there's a simple fix:

at a command prompt, do:

netsh winsock reset

and hit enter, and restart the system.

This would be what I would expect might be the cause of your issue, from the
description. It is also possible that what you saw was a false positive for
a component of your network software--we've seen some reports of those too.
The best preventative of that issue is to make sure you are running the
latest software your ISP has for your hardware, and, in general, give
Windows Defender some time so that the false positive might be removed from
the definition set.

If you really want do do some digging--the System Event log, filtered by
source "windefend" will have all the entries showing activity by Windows
Defender--including precisely what was detected and removed. There's even a
clipboard button to allow posting the individual records--and that might be
valuable in terms of preventing this happening in future.

You can open the event log:

start, run eventvwr.msc <enter>

Click on System, click on View, Filter, click on Source, choose windefend,
go back to the time of the original scan, and spot yellow-triangle entries
showing the precise detections involved.

Thinking about this--I'm about 50/50 on what may have happened on your
system. We have seen reports of a false positive for cable-modem related
drivers, and there is the known issue of winsock breakage--it'd be good to
know which you ran into.

--
 
Hi Bill

Thanks, a wealth of information in your email. (I'll remember 'netsh
winsock reset' for next time I install WD)

As for the events, here is one of the error messages (red x, not
yellow warning triangle)
--------------
The description for Event ID ( 2004 ) in Source ( WinDefend ) cannot
be found. The local computer may not have the necessary registry
information or message DLL files to display messages from a remote
computer. You may be able to use the /AUXSOURCE= flag to retrieve this
description; see Help and Support for details. The following
information is part of the event: %%826, 1.1.1051.0, 1, %%823,
0x8050a001, The program cannot find definition files that help detect
unwanted software. To check for updated definition files, click Start,
click All Programs, and then click Windows Update. , 2, %%824,
1.13.1272.4, 1.1.1185.0, , .

------
Unfortunately this means very little to me. All I can say is that it
is not true about updated definitions cannot be found, because an
earlier entry of the same morning (from Windows update agent) informs
me

---
Installation Successful: Windows successfully installed the following
update: Definition Update 1.13.1276.3 for BETA Windows Defender
(KB892519)

---

--
Kes


(I'll keep
message
 
Thanks - Those events probably indicate a problem that some users have where
one set of definitions isn't apprently fully in place, and thus another set
get offered repeatedly--but they don't relate to the issue that caused your
network connectivity issue, as far as I can spot. Thanks for looking,
anyway!

--
 
Back
Top