McAfee VirusScan DAT updater
Eep²
http://tnlc.com/eep/mcup.zip ) (readme at http://tnlc.com/eep/mcup.txt
) which I've been using since 2003, that stopped working after April
2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
dat####.tar now) and contents). It no longer works so I'm back to
manually downloading DAT files for the command-line version (I refuse
to have the bloatware GUI AntiVirus constantly running in the
background). Can anyone can create a program to download the latest
DAT file at http://download.nai.com/products/commonupdater/ or
ftp://ftp.nai.com/pub/antivirus/datfiles/4.x/ (now only has a tar
file--no zip--but the SuperDAT exe can be manually extracted via "/e"
switch for its DATs) and verify it against the current DATs so they
are not mindlessly redownloaded? I have command-line wget and unzip
programs and use a batch file to rename and move the DATs. Even better
would be to use the incremental DAT updates in http://download.nai.com/products/commonupdater/
(*.gem files) instead of having to download the obnoxiously large
~70MB (and growing with each update) compiled DAT file.
Thanks!
http://groups.google.com/group/alt.comp.anti-virus/browse_thread/thread/51fe27c5ed9e2c00/6e41b091483b7220
to see the original thread and a more recent thread on McAfee's site
(no response so far) at http://community.mcafee.com/thread/24897
David H. Lipman
| Thanks!
Ditto. McAfee has changed their motus operandi. The SuperDAT no longer contains the
command line scanner and they no longer use UPDATE.INI and they are integrating the
scaners engines and signatures of companies they recently purcahsed.
This has caused a detriment to the McAfee Module of my Multi AV Scanning Tool.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
gufus
You wrote on Wed, 19 May 2010 17:28:23 -0400:
DHL> This has caused a detriment to the McAfee Module of my Multi AV
DHL> Scanning Tool.
Those company's eh... always changing something.. pitches me a curve ball
too.
--
With best regards, gufus. E-mail: stop.nos...@shaw.ca
David H. Lipman
| Hello, David!
| You wrote on Wed, 19 May 2010 17:28:23 -0400:
DHL>> This has caused a detriment to the McAfee Module of my Multi AV
DHL>> Scanning Tool.
| Those company's eh... always changing something.. pitches me a curve ball
| too.
Trend Micro too.
They cahnged the web page that shows the signature update version.
It is fixed in my Multi AV v7.x Beta but I can't fix the McAfee module.
Think of replacing it.
Eep²
wrote:
> From: "Eep²" <eepNOS...@tnlc.com>
>
> | I have a McAfee VirusScan DAT updater called MCUP (McAfee DAT Updater,
> | ) which I've been using since 2003, that stopped working after April
> | 2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
> | dat####.tar now) and contents). It no longer works so I'm back to
> | manually downloading DAT files for the command-line version (I refuse
> | to have the bloatware GUI AntiVirus constantly running in the
> | background). Can anyone can create a program to download the latest
> | DAT file athttp://download.nai.com/products/commonupdater/or
> | file--no zip--but the SuperDAT exe can be manually extracted via "/e"
> | switch for its DATs) and verify it against the current DATs so they
> | are not mindlessly redownloaded? I have command-line wget and unzip
> | programs and use a batch file to rename and move the DATs. Even better
> | would be to use the incremental DAT updates in
> |http://download.nai.com/products/commonupdater/
> | (*.gem files) instead of having to download the obnoxiously large
> | ~70MB (and growing with each update) compiled DAT file.
>
> | Thanks!
>
> |http://groups.google.com/group/alt.comp.anti-virus/browse_thread/thread/51fe27c5ed9e2c00/6e41b091483b7220
> | to see the original thread and a more recent thread on McAfee's site
> | (no response so far) at http://community.mcafee.com/thread/24897
>
> Ditto. McAfee has changed their motus operandi. The SuperDAT no longer contains the
> command line scanner and they no longer use UPDATE.INI and they are integrating the
> scaners engines and signatures of companies they recently purcahsed.
>
> This has caused a detriment to the McAfee Module of my Multi AV Scanning Tool.
You can get engine updates at ftp://ftp.nai.com/pub/antivirus/engine/4.x/
David H. Lipman
| You can get engine updates at ftp://ftp.nai.com/pub/antivirus/engine/4.x/
DLL only for GUI, not the command line scanner.
charles
wrote:
Here you go,
===== Start batch clip (watch wrapping)
[01] @echo off
[02] pushd .
[03] cd /d "D:\Download\AV\mcafee"
[04] if /i arg%1 == arg/nodl goto :NODL
[05] wget -N -q --connect-timeout=15 --read-timeout=20
"ftp://ftp.nai.com//pub/antivirus/datfiles/4.x/sdat*.exe"
[06] :NODL
[07] dir /b /aa sdat*.exe >mcaf.lst 2>&1
[08] if errorlevel 1 goto :END
[09] for /f %%x in (mcaf.lst) do @if exist %%x start "" /wait %%x /e
%temp%\latest
[10] if exist %temp%\latest\. (xxcopy /v2 /da /zs /q3 /y
%temp%\latest\*.* C:\mcafee\) else (echo Some kind of error occurred.)
[11] rd /s /q %temp%\latest
[12] for /f %%d in ('dir /b /a-a sdat*.exe') do if exist "%%d" del "%%d"
[13] attrib -a sdat*.exe
[14] del mcaf.lst
[15] rem C:\util\contig153.exe -q C:\mcafee\*.* >NUL
[16] :END
[17] popd
===== End batch clip
charles
wrote:
>On Wed, 19 May 2010 13:09:37 -0700 (PDT), Eep² <eepN...@tnlc.com>
>wrote:
>
>>I have a McAfee VirusScan DAT updater called MCUP (McAfee DAT Updater,
>>http://tnlc.com/eep/mcup.zip ) (readme at http://tnlc.com/eep/mcup.txt
>>) which I've been using since 2003, that stopped working after April
>>2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
>>dat####.tar now) and contents). It no longer works so I'm back to
>>manually downloading DAT files for the command-line version (I refuse
>>to have the bloatware GUI AntiVirus constantly running in the
>>background). Can anyone can create a program to download the latest
>>DAT file at http://download.nai.com/products/commonupdater/ or
>>ftp://ftp.nai.com/pub/antivirus/datfiles/4.x/ (now only has a tar
>>file--no zip--but the SuperDAT exe can be manually extracted via "/e"
>>switch for its DATs) and verify it against the current DATs so they
>>are not mindlessly redownloaded? I have command-line wget and unzip
>>programs and use a batch file to rename and move the DATs. Even better
>>would be to use the incremental DAT updates in http://download.nai.com/products/commonupdater/
>>(*.gem files) instead of having to download the obnoxiously large
>>~70MB (and growing with each update) compiled DAT file.
>>
>>Thanks!
>>
>>http://groups.google.com/group/alt.comp.anti-virus/browse_thread/thread/51fe27c5ed9e2c00/6e41b091483b7220
>>to see the original thread and a more recent thread on McAfee's site
>>(no response so far) at http://community.mcafee.com/thread/24897
>
I should have mentioned that I have put together a few of these batch av
updaters that I put in a specific folder and run as scheduled background
jobs using a cron-like entry that executes the following on a once-a-day
schedule. Using Windows XP.
===== Start batch clip (watch wrapping)
[01] @echo off
[02] echo Updated: %date% %time% >>"C:\My
Documents\Dev\bat\upd-qb\av_update.log"
[03] for /r "C:\My Documents\Dev\bat\upd-qb" %%x in (*.bat) do @start ""
/b /min c:\util\hidden.exe "%%x"
===== End batch clip
Eep²
> On Wed, 19 May 2010 13:09:37 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> wrote:
>
> >I have a McAfee VirusScan DAT updater called MCUP (McAfee DAT Updater,
> >) which I've been using since 2003, that stopped working after April
> >2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
> >dat####.tar now) and contents). It no longer works so I'm back to
> >manually downloading DAT files for the command-line version (I refuse
> >to have the bloatware GUI AntiVirus constantly running in the
> >background). Can anyone can create a program to download the latest
> >DAT file athttp://download.nai.com/products/commonupdater/or
> >file--no zip--but the SuperDAT exe can be manually extracted via "/e"
> >switch for its DATs) and verify it against the current DATs so they
> >are not mindlessly redownloaded? I have command-line wget and unzip
> >programs and use a batch file to rename and move the DATs. Even better
> >(*.gem files) instead of having to download the obnoxiously large
> >~70MB (and growing with each update) compiled DAT file.
>
> >Thanks!
>
> >to see the original thread and a more recent thread on McAfee's site
>
> Here you go,
>
> ===== Start batch clip (watch wrapping)
> [01] @echo off
> [02] pushd .
> [03] cd /d "D:\Download\AV\mcafee"
> [04] if /i arg%1 == arg/nodl goto :NODL
> [05] wget -N -q --connect-timeout=15 --read-timeout=20
> "ftp://ftp.nai.com//pub/antivirus/datfiles/4.x/sdat*.exe"
> [06] :NODL
> [07] dir /b /aa sdat*.exe >mcaf.lst 2>&1
> [08] if errorlevel 1 goto :END
> [09] for /f %%x in (mcaf.lst) do @if exist %%x start "" /wait %%x /e
> %temp%\latest
> [10] if exist %temp%\latest\. (xxcopy /v2 /da /zs /q3 /y
> %temp%\latest\*.* C:\mcafee\) else (echo Some kind of error occurred.)
> [11] rd /s /q %temp%\latest
> [12] for /f %%d in ('dir /b /a-a sdat*.exe') do if exist "%%d" del "%%d"
> [13] attrib -a sdat*.exe
> [14] del mcaf.lst
> [15] rem C:\util\contig153.exe -q C:\mcafee\*.* >NUL
> [16] :END
> [17] popd
> ===== End batch clip
If I understand the batch file, it still has to download sdat*.exe
first before checking if it's different from the existing DAT file.
Any way for it to remember the current version and check the ftp
directory like MCUP does?
charles
wrote:
>On May 20, 5:32 am, charles <some...@somewhere.invalid> wrote:
Not quite.
The first time it runs it will download sdat*.exe to its local home
directory ("D:\Download\AV\mcafee"). That local file stays there (until
it is deleted in a future run). On subsequent runs it uses wget.exe's -N
switch to not download the same version/file again.
Then, by evaluating the archive bit of the existing sdat*.exe, it uses
the sdat*.exe filename version string (extracted to mcaf.lst) to process
the latest sdat version available by running it with the /e switch to a
temp directory. It then copies all the new data to the live mcafee
location and removes the temp contents and location.
It then removes any sdat*.exe local file that remain from a previous
download and finally, flips the archive bit of the latest local
sdat*.exe so that it can direct processing when it downloads a new
sdat*.exe next time.
I originally put it together after being unsatisfied with MCUP some time
ago and has worked well for me anyway.
Eep²
> On Fri, 21 May 2010 21:30:01 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> wrote:
>
> >On May 20, 5:32 am, charles <some...@somewhere.invalid> wrote:
> >> On Wed, 19 May 2010 13:09:37 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> >> wrote:
>
> >> >I have a McAfee VirusScan DAT updater called MCUP (McAfee DAT Updater,
> >> >http://tnlc.com/eep/mcup.zip) (readme athttp://tnlc.com/eep/mcup.txt
> >> >) which I've been using since 2003, that stopped working after April
> >> >2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
> >> >dat####.tar now) and contents). It no longer works so I'm back to
> >> >manually downloading DAT files for the command-line version (I refuse
> >> >to have the bloatware GUI AntiVirus constantly running in the
> >> >background). Can anyone can create a program to download the latest
> >> >DAT file athttp://download.nai.com/products/commonupdater/or
OK, so it needs the bloatware 75MB+ sdat*.exe to remain instead of
being able to look up just the version/date instead in a much smaller
text file? :/
charles
wrote:
>On May 22, 5:52 am, charles <some...@somewhere.invalid> wrote:
Well yes. About 70MB of storage for the sdat*.exe file. I had originally
worked up a version/filename scheme but it got complicated if you missed
an update, etc. And even if you do go through the processing to sort it
out, you still have to download the update. I bit the bullet and spent
the money to expand my storage infrastructure. :)
Well anyway thanks for getting me to look at the program again after a
long while. I had forgotten that each run of sdat*.exe appends 5 lines
to its running log file. Add the following 2 lines at the indicated
positions to my original .bat to maintain a constant 10 run history.
===== Start batch clip (watch wrapping)
[14.1] tail.exe -n 50 SuperDAT.log >SuperDAT.tmp
[14.2] move /y SuperDAT.tmp SuperDAT.log
===== End batch clip
And here's a bonus .bat to see what version is installed on your
machine.
===== Start batch clip (watch wrapping)
[01] @echo off
[02] for /f "tokens=1-4" %%a in ('grep.exe "Network Associates"
"C:\mcafee\Sdatpack.lst"') do @printf.exe "McAfee SuperDAT Update %%c
%%d - \c"
[03] finfo.exe -d "DDDD, MMM-DD-YYYY" "C:\mcafee\Sdatpack.lst"
===== End batch clip
batfile components:
grep.exe, tail.exe and printf.exe - GNUWIN32 tools
http://gnuwin32.sourceforge.net/
xxcopy.exe - http://www.xxcopy.com/
finfo.exe - Bill Stewart's Shell Scripting Toolkit
http://www.westmesatech.com/sst.html
attrib.exe - standard MS Windows distribution
contig.exe - MS Windows Sysinternals utility
http://technet.microsoft.com/sysinternals/
Eep²
> On Sat, 22 May 2010 19:49:18 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> wrote:
>
>
>
> >On May 22, 5:52 am, charles <some...@somewhere.invalid> wrote:
> >> On Fri, 21 May 2010 21:30:01 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> >> wrote:
>
> >> >On May 20, 5:32 am, charles <some...@somewhere.invalid> wrote:
> >> >> On Wed, 19 May 2010 13:09:37 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> >> >> wrote:
>
> >> >> >I have a McAfee VirusScan DAT updater called MCUP (McAfee DAT Updater,
> >> >> >http://tnlc.com/eep/mcup.zip) (readme athttp://tnlc.com/eep/mcup.txt
> >> >> >) which I've been using since 2003, that stopped working after April
> >> >> >2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
> >> >> >dat####.tar now) and contents). It no longer works so I'm back to
> >> >> >manually downloading DAT files for the command-line version (I refuse
> >> >> >to have the bloatware GUI AntiVirus constantly running in the
> >> >> >background). Can anyone can create a program to download the latest
> >> >> >DAT file athttp://download.nai.com/products/commonupdater/or
> finfo.exe - Bill Stewart's Shell Scripting Toolkithttp://www.westmesatech.com/sst.html
> attrib.exe - standard MS Windows distribution
> contig.exe - MS Windows Sysinternals utilityhttp://technet.microsoft.com/sysinternals/
Is it really that hard to just do a date/version comparison instead of
having to download the sdat*.exe just to check its date/version? MCUP
does it like that...
David H. Lipman
>> >> >> >Thanks!
>> >> >> Here you go,
>> >> Not quite.
>> batfile components:
Personally, I would parse UPDATE.INI or a web page that states the current DAT revision.
Once the number is known you can easily apply that to a WGET HTTP or WGET FTP download.
charles
wrote:
<snip>
>>
>> >> The first time it runs it will download sdat*.exe to its local home
>> >> directory ("D:\Download\AV\mcafee"). That local file stays there (until
>> >> it is deleted in a future run). On subsequent runs it uses wget.exe's -N
>> >> switch to not download the same version/file again.
>>
>> >> Then, by evaluating the archive bit of the existing sdat*.exe, it uses
>> >> the sdat*.exe filename version string (extracted to mcaf.lst) to process
>> >> the latest sdat version available by running it with the /e switch to a
>> >> temp directory. It then copies all the new data to the live mcafee
>> >> location and removes the temp contents and location.
>>
>> >> It then removes any sdat*.exe local file that remain from a previous
>> >> download and finally, flips the archive bit of the latest local
>> >> sdat*.exe so that it can direct processing when it downloads a new
>> >> sdat*.exe next time.
>>
<snip>
>Is it really that hard to just do a date/version comparison instead of
>having to download the sdat*.exe just to check its date/version? MCUP
>does it like that...
I guess you didn't read my previous, above unsnipped, post carefully
enough. Try again.
Eep²
wrote:
> From: "Eep²" <eepNOS...@tnlc.com>
>
> | On May 23, 6:35 am, charles <some...@somewhere.invalid> wrote:
>
> >> On Sat, 22 May 2010 19:49:18 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> >> wrote:
> >> >On May 22, 5:52 am, charles <some...@somewhere.invalid> wrote:
> >> >> On Fri, 21 May 2010 21:30:01 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> >> >> wrote:
> >> >> >On May 20, 5:32 am, charles <some...@somewhere.invalid> wrote:
> >> >> >> On Wed, 19 May 2010 13:09:37 -0700 (PDT), Eep² <eepNOS...@tnlc.com>
> >> >> >> wrote:
> >> >> >> >I have a McAfee VirusScan DAT updater called MCUP (McAfee DAT Updater,
> >> >> >> >http://tnlc.com/eep/mcup.zip) (readme athttp://tnlc.com/eep/mcup.txt
> >> >> >> >) which I've been using since 2003, that stopped working after April
> >> >> >> >2, 2010 (when McAfee changed their antivirus DAT zip file name--avv-
> >> >> >> >dat####.tar now) and contents). It no longer works so I'm back to
> >> >> >> >manually downloading DAT files for the command-line version (I refuse
> >> >> >> >to have the bloatware GUI AntiVirus constantly running in the
> >> >> >> >background). Can anyone can create a program to download the latest
> >> >> >> >DAT file athttp://download.nai.com/products/commonupdater/or
Yea, http://download.nai.com/products/commonupdater/Replica.log could
be used...
David H. Lipman
>> Personally, I would parse UPDATE.INI or a web page that states the current DAT
>> revision.
>> Once the number is known you can easily apply that to a WGET HTTP or WGET FTP
>> download.
| Yea, http://download.nai.com/products/commonupdater/Replica.log could
| be used...
[Item_4]