mundial Posted February 18, 2012 Report Share Posted February 18, 2012 I have started a trial of EAM 6.0.0.57 a few days back. Meanwhile my PC crashed. Today i reinstalled and tried to update the signatures. The upload size shown was 89MB. I felt that the update size may be too big. So I started looking for MD5 checksums. I found 3 different MD5 checksums for the same versions. 1. Could NOT find any on your web site for cross verifying 2. 713D7B1CE5B697DEAA99976B9571E908 on filehippo.com for version 6.0.0.57 3. E47F69F689AA4DC273569EEF51240424 for the SAME version downloaded from your site TODAY (size 15300 Kb) 4. 1BD7688E571ACCE9CE2060330B02FF8F or the SAME version downloaded from your site on 13-FEB-2012 (size 15450 Kb) My query is why this difference? Do you update the file very often even for the same version? And do the file size vary with your updates in the SAME version? Or is my download malicious/contaminated? Other details OS: Win Vista Home Basic SP2. No other AV. Thank you, Mundial Link to comment Share on other sites More sharing options...
Fabian Wosar Posted February 18, 2012 Report Share Posted February 18, 2012 Hi mundial, To answer your questions: The upload size shown was 89MB. I felt that the update size may be too big. If you miss a certain amount of IKARUS updates (50 to be more precise), it will download the entire database (~ 72 MB) instead of only the differential updates. It usually takes about 3 to 5 days to miss 50 IKARUS updates. So if the setup you used for your installation is older than that, it will download the entire IKARUS database during the installation/on first update. 1. Could NOT find any on your web site for cross verifying All our binaries and setups are digitally signed. If you want to make sure the setup you downloaded hasn't been tampered with, just check the digital signature. You can do that by right clicking the file, selecting "Properties". This will bring up the file properties dialog. There you can switch to the "Digital Signatures" tab and double click the Emsi Software GmbH signature entry from the list to bring up the Digital Signature Details. Under general it should say that "This digital signature is OK.". If it says anything else or if the entire Digital Signatures tab is missing from the file properties tab, the file has been tampered with. My query is why this difference? Do you update the file very often even for the same version? And do the file size vary with your updates in the SAME version? We recompile the setups regularly to include the newest signatures. So for one and the same version there can be many different setup files. Link to comment Share on other sites More sharing options...
mundial Posted February 18, 2012 Author Report Share Posted February 18, 2012 Thanks a lot Fabian. I hope you do not mind if I post a link to this reply on the Wilderssecurity.com web site where I posted the same query. Link to comment Share on other sites More sharing options...
Fabian Wosar Posted February 18, 2012 Report Share Posted February 18, 2012 Of course not . Link to comment Share on other sites More sharing options...
Recommended Posts