JerryZ's dashboard

JerryZ replied on August 15, 2009 04:27 to the problem "I hate ow.ly" in HootSuite:

Hi,

I googled ow.ly and got this link. I have only used getsatisfaction for "Sunbelt Software", so this is a first time for HootSuite. A friend sent me an ow.ly link and I went a-googling.

Just some feedback. I don't click on short URLs (like http:// ow.ly/k7c1) or any URL which I don't know or don't trust. There is way too much malware, adware, and browser/application/machine hijacking going on. I want verifiable, trustworthy links.

It seems to me that using a frame to hijack the browser is potentially compounding a browser's vulnerabilities. And like IE7 and IE8 need more vulnerabilities. And, BTW, I don't use twitter. I am not big on social technology (even though I am an ex-microsoftie). I use it very selectively.

I have nothing personal against HootSuite. Heck, I did not know about ow.ly or HootSuite until less than an hour ago. I am just cautious.

--Jerry

A comment on the question "Erroneous Out of date Risk definition report" in Sunbelt Software:

Try shutting your computer off like JerryZ did to see if Vipre automatically updates to latest definitions.

Sean, I put my computer on standby because I was leaving for several hours. I don't believe that there is anything wrong with my computer clock.

I, too, suspect a propagation issue. This has occurred before at Sunbelt. What I suspect is:

>> Our clients are contacting the server to check for out-of-date status, and the server is delivering a false status.

>> Or, the status server has not been notified of the new update.

>> Or a myriad of other reasons.

I trust Sunbelt. I have been using CounterSpy and SB firewall for a while. I recently dropped my old CA eTrust AV and installed Vipre AV. I count on Sunbelt to handle the updates flawlessly and seamlessly. Occasionally a problem is encountered in the update process. Please let us know when you encounter such a problem. Occasionally, we customers will find it first; if so, please take responsibility and accountability for the problem. IMHO, that is how to increase trust.

Even an "I don't know. Let me check." is greatly appreciated. Blaming computer clocks can come across as a dodge. – JerryZ, on April 29, 2009 09:16

JerryZ replied on April 28, 2009 07:16 to the question "No definition file updates?" in Sunbelt Software:

Please see http://getsatisfaction.com/sunbeltsof.... The issue seems to be resolved.

JerryZ replied on April 28, 2009 07:06 to the question "Erroneous Out of date Risk definition report" in Sunbelt Software:

5112 has now propagated. My definitions have been updated. The timestamp on 5112 is 4/27 16:44:11, which is 4/28 04:44:11 here in Taipei. (We are 12 hours ahead of EDT)

As of 13:30 Taipei (01:30 EDT), 5112 had not propagated; Vipre defs were not updated. I shut down my computer and restarted at 14:43 Taipei. The defs updated at that time.

JerryZ replied on April 28, 2009 05:16 to the question "Erroneous Out of date Risk definition report" in Sunbelt Software:

Why does VIPRE claim my risk definitions are out of date when I have checked the SunBelt Software site to confirm the fact that I have the latest definitions?

Ditto. Vipre shows that they are out of date on the Overview tab. Clicking Update shows out of date, too.

A comment on the question "Erroneous Out of date Risk definition report" in Sunbelt Software:

I too have this problem, and my defenitions are up to date (5111)

I have the same issue. Ditto for me. My definitions are up to date.

Questions:

Why doesn't the software contact the server to check the update status? Or maybe it does?

Secondly, you have issued 17 updates since April 15 up through April 24. You have not issued an update since then. Is this just a weekend issue and there was nothing pressing on Monday? The 2 previous Mondays you issued 3 updates. Just curious?

I just like keeping my computer protected. – JerryZ, on April 28, 2009 05:07

JerryZ started following the question "Erroneous Out of date Risk definition report" in Sunbelt Software.

JerryZ reported a problem in Sunbelt Software on February 24, 2009 11:50:

CS 3.1: "your risk definitions are out of date"

I have CS 3.1.2416. I have the latest definition, 5003. I click update on the sbamui window. It tells me I have 5003 and it is out of date. I go to http://www.sunbeltsoftware.com/Home-H.... 5003 is the latest definition at the site. Help please.

A comment on the question "Code injection intrusion attempt triggered by Google Desktop Action" in Sunbelt Software:

Hi Peter,

Sorry, I misread the intrusion dialog.

Here is what happens. I open Google Desktop. I search for George Carlin Quotes. GD finds a text file, amongst other results. I click on the link to the text file. Voila, an intrusion alert dialog. Also, the text file opens.

Here is what the intrusion dialog says.

Technical details about the intrusion attempt:

Injector application: <unknown>
Description: </unknown><unknown>
File version:
Product name:
Product version:
Created: N/A
Modified: N/A
Accessed: N/A

Target application: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
Description: Google Desktop
File version: 5.8.809.23506
Product name: Google Desktop
Product version: 5.8.809.23506
Created: 2007/3/30, 11:01:06
Modified: 2008/12/24, 00:53:30
Accessed: 2009/1/30, 04:39:47

Address of injection: 0x7C80AEDB

</unknown>

Questions. What app is causing the injection? Is this an issue with SPF (4.5.916) and an inability to monitor the Window’s kernel? Can this possibly be a rootkit at work? I don’t know.

Thanks for your help.

Take care,

--Jerry – JerryZ, on February 03, 2009 00:26

JerryZ asked a question in Sunbelt Software on February 02, 2009 02:36:

Code injection intrusion attempt triggered by Google Desktop Action

Hi James,

Thanks for replying to me by email to my question about “code injection intrusion attempt alert when using Google Desktop” (SPF Ticket #001-00-266757). This was occurring when, after a desktop search, I clicked on the file to open it. Thanks for the tips on how to make an exception for googledesktop.exe so as to allow code injections and buffer overflows.

My question, James, is not whether I can make an exception, but should I make an exception for googledesktop.exe? What concerns me are issues like Google’s “single sign on” (SSO). Mike Howard (Kim Cameron on GOOGs single sign on design vulnerability) has written about this. So has Kirk Cameron (Hole in Google SSO service). Supposedly, Google fixed this bug in September according to ZDNet (Google closes hole in Single Sign-On service).

As a skeptic and cynic (and mildly paranoid), I hesitate to make an exception. I denied each attempt and still had access to the file. So I was happy. I still don’t understand the injection attempt and thus hesitate to make an exception. It may be perfectly ok for all I know; but then again, it may be perfectly exploitable. I don’t know.

Take care,

--jerry

A comment on the question "Winsock problem with SPF" in Sunbelt Software:

Hi Nick,

Thanks for all your help. I have opened up another topic to track the SPF updated version install error 1603: http://getsatisfaction.com/sunbeltsof...

Take care,

--jerry – JerryZ, on January 29, 2009 13:12

JerryZ marked one of Nick H.'s replies in Sunbelt Software as useful. Nick H. replied to the question "Winsock problem with SPF".

JerryZ gave praise in Sunbelt Software on January 29, 2009 02:49:

TimN was very helpful and professional in resolving CounterSpy issues.

Hi. I experienced some issues with Counterspy in late October of 2008. I contacted Sunbelt and TimN responded (support ticket 001-00-250249). It turned out that Dell’s pre-installed Embassy Suites was colliding with many EXEs on my machine, including Counterspy. It was installing hooks into all the open processes. With Tim’s patient, professional help, I was able to resolve the issue.

I have been most happy with Counterspy. It has worked well with CA’s eTrustAV.

Thanks, Tim. I really appreciate all your help.

--jerry

JerryZ gave praise in Sunbelt Software on January 29, 2009 02:35:

NickH has been very helpful and professional in resolving SPF issues

NickH has been very helpful and professional in resolving a number of SPF issues (http://getsatisfaction.com/sunbeltsof...). Currently I am tracking the version update issue at http://getsatisfaction.com/sunbeltsof....

Nick offered me the opportunity to be on the "needs new version" list for SPF by emailing support@sunbeltsoftware.com. Furthermore, Sunbelt has posted the 1603 error when attempting to upgrade to a newer version of SPF (http://support.sunbeltsoftware.com/De...).

Having worked for Microsoft in the past, customer service support is a sensitive issue with me. I am happy with Sunbelt’s Support. Keep up the good work, NickH.

I really appreciate having this site available for “completing the loop” and promoting transparency.

--jerry

JerryZ started following the discussion "SPF-Nightmare, Uninstalling got me a crashed computer" in Sunbelt Software.

JerryZ reported a problem in Sunbelt Software on January 29, 2009 01:55:

Upgrades for SPF 4.5.916 are failing with Error 1603 internal (Jan 29, 2009). What is ETA for correcting this issue?

Hi. This is a known issue. I am putting out this report for the purpose of tracking. I sent the following to support@sunbeltsoftware.com.

Hi,

NickH suggested below (and at http://getsatisfaction.com/sunbeltsof...) that I request to be on your "needs new version" list for SPF. I am currently stuck on 4.5.916 because all upgrades are failing to install (1603 Internal Error). You have covered this issue in your KB article 1829 (http://support.sunbeltsoftware.com/De...).

Please let me know the ETA for the new version. BTW, the support ticket was 263996.

Thanks,

--Jerry

I am pleased with the progress in resolving this issue. NickH has been most helpful.

A comment on the question "Winsock problem with SPF" in Sunbelt Software:

Hi Nick,

Thanks for the answer. Thanks for your honesty. At least I have a viable firewall running.

Thanks for the tip on setting rules for CA's inodist.exe. At first, I could not get SPF to pop alerts for incoming and outgoing messages. That was last night. This morning I went to Security Center to handle the disabling of SPF and enabling of Windows Firewall. At that time, I noticed that both firewalls were running. So I disabled WF and revised "All other Apps" permissions to ask on all connections in and out. I created the rule for inodist and it works just fine now. Thanks for your help.

To be honest, I was surprised that SPF had not disabled WF.

I will wait for a version of SPF which installs correctly. I will probably soon post another entry out at getsatisfaction to track the SPF update.

BTW, thanks for entry 1829 in the Sunbelt KB.

Take Care,

--jerry – JerryZ, on January 28, 2009 09:34

A comment on the question "Winsock problem with SPF" in Sunbelt Software:

Hi Nick and Peter,

I finally have 4.5.916 installed. I tried 916 on an advanced mode. That install was a disaster with continual repetitiously popping dialog warnings. It was in a perpetual loop. I uninstalled and cleaned. Yesterday, I installed it again, this time in simple mode and it worked. It then asked me if I wanted to upgrade and I clicked ok. It tried to install 1861 and ran into the same 1603 internal error. I sent you the log already on the 20th. It hosed my install of 916. So I did another clean.

Finally I did another simple mode install. It is working, kind of.

I am left with several problems (As of now. Who knows what additional issues I will encounter?)

> I am stuck on 916. How do I get an upgrade which really installs?

> SPF 916 blocks automatic signature updates for CA's eTrustAV. My HACK workaround is to disable the firewall and do the autoupdate on Window's Firewall. Or I could go out to CA and do manual downloads.

> It seems like you have been doing a lot of guessing at the issues on this thread. I am not thrilled at being your R&D department. I want a product that works. That's all. Using the line, "That 1603 error sometimes occur when a script in the installation is not running correctly.", is not acceptable to me,

So where do we go from here? Please, no more guessing. I would appreciate you saying, "I don't know." if you don't know. Or list some alternatives.

Take Care,

--jerry – JerryZ, on January 27, 2009 09:38

JerryZ started following the problem "{CFirewallSDKImpl_2_0::CFirewallSDKImpl_2_0} Error" in Sunbelt Software.

JerryZ started following the problem "{CFirewallSDKImpl_2_0::CFirewallSDKImpl_2_0} Error" in Sunbelt Software.