1. virii
- Posted by Kat <gertie at ZEBRA.NET> Feb 28, 2000
- 493 views
Hey all, a virus question: Since exw.exe shows as having the C1H virus all the time, fresh from RDS, how do we know when it *really does* have the virus? If cleaned, exw.exe stops working. If Eu is installed via a exe or zip file, the virus is installed into the exw.exe as it's decompressed. Kat
2. Re: virii
- Posted by Robert Craig <rds at ATTCANADA.NET> Feb 28, 2000
- 486 views
Kat writes: > Since exw.exe shows as having the C1H virus all the time, > fresh from RDS, how do we know when it *really does* > have the virus? In 2.2, both ex.exe and exw.exe are compressed executables. That makes them look strange to some virus scanners. That also makes them less likely to actually get infected with a virus, since the virus won't understand the compression format, and probably won't insert itself correctly into the .exe. I can keep a list of which virus scanners are falsely complaining. People should send me any virus reports that they get. Regards, Rob Craig Rapid Deployment Software http://www.RapidEuphoria.com
3. Re: virii
- Posted by Kat <gertie at ZEBRA.NET> Feb 28, 2000
- 541 views
----- Original Message ----- From: "Robert Craig" <rds at ATTCANADA.NET> To: <EUPHORIA at LISTSERV.MUOHIO.EDU> Sent: Monday, February 28, 2000 5:22 PM Subject: Re: virii > Kat writes: > > Since exw.exe shows as having the C1H virus all the time, > > fresh from RDS, how do we know when it *really does* > > have the virus? > > In 2.2, both ex.exe and exw.exe are compressed executables. > That makes them look strange to some virus scanners. > That also makes them less likely to actually get infected > with a virus, since the virus won't understand the compression format, > and probably won't insert itself correctly into the .exe. > > I can keep a list of which virus scanners are falsely > complaining. People should send me any virus reports that > they get. Ok, and i emailed them about it months ago, but it still says exw.exe has a virus and trashes it. Kat
4. Re: virii
- Posted by Brian Broker <bkb at CNW.COM> Feb 28, 2000
- 494 views
- Last edited Feb 29, 2000
On Mon, 28 Feb 2000 18:39:44 -0600, Kat wrote: >Ok, >and i emailed them about it months ago, but it still says exw.exe has a >virus and trashes it. > >Kat Strange, I just scanned my Eu\bin directories (for version 2.1 and 2.2) using the above link and it didn't complain about anything. Also, I've had no reports from Innoculan (or InnoculateIT Personal Edition, a free scanner that I use at home). ??? -- Brian
5. Re: virii
- Posted by Robert Craig <rds at ATTCANADA.NET> Feb 28, 2000
- 486 views
- Last edited Feb 29, 2000
I should have mentioned that euphoria\demo\sanity.ex knows the correct checksums for ex.exe and exw.exe. If you run sanity.ex, using either ex or exw, it will check both .exe files and tell you if they've been tampered with. exu is also a compressed executable. I'll add it's checksum to sanity.ex in the next release. I don't hear much about Linux viruses or virus scanners. Regards, Rob Craig Rapid Deployment Software http://www.RapidEuphoria.com
6. Re: virii
- Posted by Steve Mosher <goat at DEVIL.ISN.NET> Feb 29, 2000
- 499 views
Oy, but you've got to use the potentially infected program to make use of sanity.ex! Ever see the login trojan compiled into the compiler? Sweet stuff. Anyhow, maybe you should just post the actual checksums of these files -- or better yet, thier md5 signatures. It's fairly easy to produce the same checksum if you know what you're doing (so I am told). MD5 however isn't easy at all. In fact, I've seen people use MD5 sigs in thier password files instead of simply crypt()ing the passwords. This way, a totally different program could be used to check. I know that this could be overboard, but I don't let anything slip with security. 'Sides, this is the standard way to do it. On Mon, 28 Feb 2000, you wrote: > I should have mentioned that euphoria\demo\sanity.ex > knows the correct checksums for ex.exe and exw.exe. > If you run sanity.ex, using either ex or exw, it will check > both .exe files and tell you if they've been tampered with. > > exu is also a compressed executable. > I'll add it's checksum to sanity.ex in the next release. > I don't hear much about Linux viruses or virus scanners. > > Regards, > Rob Craig > Rapid Deployment Software > http://www.RapidEuphoria.com