Path: news.nzbot.com!spool1.sonic-news.com!news-out.sonic-news.com!not.news-service.com!not.alt.net!not.highwinds-media.com!news.astraweb.com!border5.newsrouter.astraweb.com!npeer02.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!post02.iad.highwinds-media.com!newsfe02.iad.POSTED!eb7e5c26!not-for-mail
From: walter hynebottom <walter@homebody.not.invalid>
Newsgroups: alt.binaries.crafts.pictures
Subject: Re: Dame Edna thanks but agent detected encoding error and virus scanner said contained Trogan darn it anyway
Message-ID: <c5j7q4huaqvi6pfc6csdvvr58ag1jo61ih@4ax.com>
References: <m0i6q4t562dclkiq92einjkb8fvagpdcn3@4ax.com> <5lr6q490ilmua1shoeer3807bsnun80oo2@4ax.com>
X-Newsreader: Forte Agent 4.2/32.1117
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 134
X-Complaints-To: abuse@teranews.com
NNTP-Posting-Date: Tue, 24 Feb 2009 10:40:16 UTC
Organization: TeraNews.com
Date: Tue, 24 Feb 2009 10:39:28 +0000
Xref: news.nzbot.com alt.binaries.crafts.pictures:5094
On Tue, 24 Feb 2009 15:06:46 +1100, Pixie <Pixie@AnnWheatley.com>
wrote:
/shears to work
>The software is good. Your apprehension is a good thing, but in this
>case unfounded.
>
>Pixie
Entirely, M'Lady, entirely.
Where as did myself once spend many days locked inside whilst the
Mountain spent itself ejaculating white fluff on the village, you
would connect with my love of puzzles.
Your post present such a puzzle, easy as it is to solve, the "high"
on this sleet ridden morn is well welcome.
The puzzle is with the Corel posts as you have rightly provided
the answer to the Click Stitch post.
^hat/sweep/knee/bent^
I start with the premise all do love their computer, trusted friend
and holy brother in the quest for fine wares for nought cost but the
willingness to whip the breath from the beast, yes?
Wrong, very wrong.
For computers are machines and thus cannot either absorb or return
love. The computer will not weep should you beat it in retribution for
fooling you. Nor will it smile whilst you clap for glee on a new
discovery.
Likewise one cannot trust the software completely nor trust the work
was composed by an actual person. Software writers work under many
constraints. You, the end user, are not the prime consideration.
One must find software that works, and one must educate oneself in
what makes the software behave in the manner observed.
Creating a working profile for AV checkers can be a minefield of doubt
and innuendo. Myself I have observed posters putting up alarms in this
group that are completely unfounded. Those people are gullible in
accepting the screens software presents. Unkind as it is to say, they
never think to go look inside the engine.
Here is the "under the hood" look at the folder for some archives I
have stashed away. I provide notes in enclosures to give some insight
as to the actual status in each case.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AVP32 Scan 2/24/2009 5:06:34 AM
found:
G:\..\cDr_AoA.DVD.Ripper.v3.89\patch\AoADVDRipper.exe infected:
Trojan.Win32.Genome.ixo
[the "infection" is in the patch file <AoADVDRipper.exe> the file
needs to be run up on a testing machine to verify it is indeed a
virus. Many patchers use syntax which will return this type of false
positive.
Were the "infection" found in the actual parent program
" AoADVDRipper.exe", upon downloading the file, one would delete it
immediately]
found:
G:\..\AshampooUnInstallerPlatinum\keygen.exe suspicion:
Packed.Win32.Morphine.a
[This case is a keygen, the AV software is smart enough to not commit.
This file is safe]
found:
G:\..\CorelDraw[X3]_CD01\EasterEgg\sYs.AshampooUnInstallerPlatinum.v1.x\keygen.exe
suspicion: Packed.Win32.Morphine.a
[This case is a keygen, the AV software is smart enough to not commit.
This file is safe.]
Note: The last two examples are returning the same prompt from the AV
checker. As bizarre as it looks, two identical results from volumes
retrieved separately indicates the likelihood of a syntax familiarity
patchers/crackers have used, not a "virus/trojan".
Scan process completed.
Tuesday, February 24, 2009 5:06 AM
Tuesday, February 24, 2009 5:06 AM AVP Scanner started:
______________________________________________________________________
Scanned
Sector objects: 0
Files: 10022
Folders: 2124
Archives: 61
Packed: 0
Found
Known viruses: 1
Virus bodies: 1
Disinfected: 0
Deleted: 0
Warnings: 0
Suspicious: 2
Corrupted: 0
I/O Errors: 0
Scan speed (Kb/sec): 29508
Scan time: 03:24
______________________________________________________________________
Tuesday, February 24, 2009 5:09 AM AVP Scanner finished:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Too much information?
Rightly so, for many, and this is why way too many users are well out
of their depth in handling these types of software, and why it is a
complete waste of time and resources posting volumes of work people
will never do the work required to understand how to use them.
A quick "rule of thumb" is to trust Usenet to sort the problem out.
Wait, and someone will solve the problem.
This is what makes Usenet a fantastic resource.
My turn today, your turn tomorrow.
The puzzle is solved as the program returning the false positive is
(AshampooUnInstallerPlatinum.v1).
Corel posting is fine in it completeness. So if in any doubt you just
delete the Ashampoo files and use the rest of the post.
Ashampoo is an "egg" after all, something usually given in kindness.
How many days to Easter?
And M'Lady?
Unless you find advice in the notes supplied with a patch you never
ever never attempt to upgrade any patched software.
--
the melting iceberg never had it so hard
|
|