Glad to hear itThis version works fine for me now.
2tosbsas
Thank you for your report. I have contacted with CEUM (original Deutsch translator)
[Tool] Visual Tfind v1.0.10 -Ready for TC
Moderators: white, Hacker, petermad, Stefan2
New beta release, version 1.0 beta 6 (22.07.2008).
vTFind 1.0 beta 6 (vtfind1b6.md5)
- Updated: Deutsch Language interface. Thanks to CEUM.
Added: French language interface. Thanks to jjk.
Added: New switch GotoOutFile. Allow select the name of predefined archives instead of open the contents in TC.
Added: New switch GotoFileMode to vtfind.ini.
Fixed: File size retrieved from files > 2Gb is not correct.
Fixed: Problem when application is on Top and "dialog options" + "dialog integrate with TC" is opened.
Changed: Default delay command. 100 to 200 ms.
Changed: Default date and time retrieve from files to Last write date.
vTFind 1.0 beta 6 (vtfind1b6.md5)I can read English, but... I write like Tarzan. (sorry)
Hi,Sombra wrote:New beta release, version 1.0 beta 6 (22.07.2008).
Download:
I have not yet installed this tool version 1.0 beta 6 but when unzipping it, my Symantec AntiVirus (like Norton) have put the file TCMC.exe in the quarantine because he saids that the Trojan.Drondog infected it. The MD5 for the zip file was good.
I have tested the ZIP file on http://www.virustotal.com/ site, here is the result :
Code: Select all
vtfind1b6.zip file received the 2008.09.18 17:22:25 (CET)
Résult: 18/36 (50%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.18 -
AntiVir 7.8.1.34 2008.09.18 -
Authentium 5.1.0.4 2008.09.18 W32/Heuristic-210!Eldorado
Avast 4.8.1195.0 2008.09.18 -
AVG 8.0.0.161 2008.09.18 Generic10.SIX
BitDefender 7.2 2008.09.18 -
CAT-QuickHeal 9.50 2008.09.17 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.09.18 -
DrWeb 4.44.0.09170 2008.09.18 -
eSafe 7.0.17.0 2008.09.18 Suspicious File
eTrust-Vet 31.6.6091 2008.09.16 -
Ewido 4.0 2008.09.18 -
F-Prot 4.4.4.56 2008.09.18 W32/Heuristic-210!Eldorado
F-Secure 8.0.14332.0 2008.09.18 W32/Packed_Upack.A
Fortinet 3.113.0.0 2008.09.18 -
GData 19 2008.09.18 -
Ikarus T3.1.1.34.0 2008.09.18 Trojan-Downloader.Win32.Zlob.and
K7AntiVirus 7.10.461 2008.09.18 Backdoor.Win32.Suspicious_U.Family
Kaspersky 7.0.0.125 2008.09.18 -
McAfee 5386 2008.09.17 -
Microsoft 1.3903 2008.09.18 -
NOD32v2 3452 2008.09.18 -
Norman 5.80.02 2008.09.18 W32/Packed_Upack.A
Panda 9.0.0.4 2008.09.18 -
PCTools 4.4.2.0 2008.09.18 Packed/Upack
Prevx1 V2 2008.09.18 System Back Door
Rising 20.62.32.00 2008.09.18 -
Sophos 4.33.0 2008.09.18 Sus/ComPack-K
Sunbelt 3.1.1645.1 2008.09.17 VIPRE.Suspicious
Symantec 10 2008.09.18 Trojan.Drondog
TheHacker 6.3.0.9.086 2008.09.18 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2008.09.18 PAK_Generic.006
VBA32 3.12.8.5 2008.09.17 -
ViRobot 2008.9.18.1381 2008.09.18 -
VirusBuster 4.5.11.0 2008.09.18 Packed/Upack
Webwasher-Gateway 6.6.2 2008.09.18 Win32.Malware.gen (suspicious)
So I have not yet tested it...
Regards
#22273 Personal licence
-
fenix_productions
- Power Member
- Posts: 1979
- Joined: 2005-08-07, 13:23 UTC
- Location: Poland
- Contact:
2icfu
OT What is wrong in taking precautions? I understand that Symantec's tool might not be perfect but in such case it is better to be slave than victim.
BTW You could comment in same manner my post from here:
http://www.ghisler.ch/board/viewtopic.php?t=4914&postdays=0&postorder=asc&start=165
BUT it appeared that I was right (see ts4242's response):
http://www.ghisler.ch/board/viewtopic.php?t=4914&postdays=0&postorder=asc&start=180
OT What is wrong in taking precautions? I understand that Symantec's tool might not be perfect but in such case it is better to be slave than victim.
BTW You could comment in same manner my post from here:
http://www.ghisler.ch/board/viewtopic.php?t=4914&postdays=0&postorder=asc&start=165
BUT it appeared that I was right (see ts4242's response):
http://www.ghisler.ch/board/viewtopic.php?t=4914&postdays=0&postorder=asc&start=180
"When we created the poke, we thought it would be cool to have a feature without any specific purpose." Facebook...
#128099
#128099
-
ghisler(Author)
- Site Admin
- Posts: 48077
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
If you read the reports in detail, you see that manu scanners just complain about the EXE packer Upack:
Maybe you should switch to UPX, which may be a few % worse, but can be unpacked without problems by most scanners. Just use an older stable version of UPX - the older the higher the chance that all scanners can unpack it without problems. TC uses UPX 2.24w, but a stable 2.x version may be OK too (just try it with VirusTotal).
To the author:Packed/Upack
Maybe you should switch to UPX, which may be a few % worse, but can be unpacked without problems by most scanners. Just use an older stable version of UPX - the older the higher the chance that all scanners can unpack it without problems. TC uses UPX 2.24w, but a stable 2.x version may be OK too (just try it with VirusTotal).
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
@fenix_productions:
As a rule of thumb: If Kaspersky doesn't find anything, but 50% of the scanners raise an alarm, of which the first half is not able to tell what they find and each of the scanners of the other half finds a different infection, the file is clean.
Icfu
Nothing, as long as you don't post the results publicly several months(!) after the file has been uploaded, before not having contacted the author privately first.OT What is wrong in taking precautions?
The problem is not Symantec but a combination of the usual crappy scanners which are not DETECTING viruses but instead doing wild guesses, leading to overstrained users not able anymore to decide if a file is infected or not, although the VT output shows that there is no clear detection but just noise, from "suspicious" to "Jesus Christ, I have no clue what it is, because my unpacking engine sucks but it really smells dangerous". This is worse than spam and leads nowhere.I understand that Symantec's tool might not be perfect but in such case it is better to be slave than victim.
The file had been removed already in the mid of July, weeks before it has been discussed in the forum. At that time the VT log showed infections from all but two scanners and there was almost no noise. I still have the VT log which I sent to ts4242, he had removed the file on the same day.BUT it appeared that I was right (see ts4242's response):
http://www.ghisler.ch/board/viewtopic.php?t=4914&postdays=0&postorder=asc&start=180
As a rule of thumb: If Kaspersky doesn't find anything, but 50% of the scanners raise an alarm, of which the first half is not able to tell what they find and each of the scanners of the other half finds a different infection, the file is clean.
Icfu
-
fenix_productions
- Power Member
- Posts: 1979
- Joined: 2005-08-07, 13:23 UTC
- Location: Poland
- Contact:
2icfu
The second issue is the question: is it better to bother author privately or write to support forum? Personally: I would rather discuss problems here to have bigger chances to avoid the same questions in the future.
And about the time: please remember that anti-viruses might remove non-popular signatures after some period of the time.
Let's not spam this thread EOT
Not everyone keeps watching every plugin release. Some users are new and want to discuss about problems on the forum board.icfu wrote: Nothing, as long as you don't post the results publicly several months(!) after the file has been uploaded, before not having contacted the author privately first.
The second issue is the question: is it better to bother author privately or write to support forum? Personally: I would rather discuss problems here to have bigger chances to avoid the same questions in the future.
And about the time: please remember that anti-viruses might remove non-popular signatures after some period of the time.
Well, super haxi0r users might decipher files contents but non-advanced ones learn to trust protecting applications. So if everyone advices me to use anti-virus software and this tells me that something is wrong then... you know the rest. It might be a crap sometimes but I think that in this case sharing such knowledge is good. This is the right thread in right forum. If it's not then moderators will remove invalid post. No reason for scolding yet.icfu wrote:The problem is not Symantec but a combination of the usual crappy scanners which are not DETECTING viruses but instead doing wild guesses, leading to overstrained users not able anymore to decide if a file is infected or not, although the VT output shows that there is no clear detection but just noise, from "suspicious" to "Jesus Christ, I have no clue what it is, because my unpacking engine sucks but it really smells dangerous". This is worse than spam and leads nowhere.
I know but I downloaded this archive and maybe someone else too. For various reasons: you don't always need to have the newest versions or you just might be curious.icfu wrote:The file had been removed already in the mid of July, weeks before it has been discussed in the forum. At that time the VT log showed infections from all but two scanners and there was almost no noise. I still have the VT log which I sent to ts4242, he had removed the file on the same day.
You can trust Kaspersky (I don't) or the others. Or you can ask someone who knows better.icfu wrote:As a rule of thumb: If Kaspersky doesn't find anything, but 50% of the scanners raise an alarm, of which the first half is not able to tell what they find and each of the scanners of the other half finds a different virus, the file is clean.
Let's not spam this thread
EOT"When we created the poke, we thought it would be cool to have a feature without any specific purpose." Facebook...
#128099
#128099
Hi,
I was aware of the vTFind tool with this entry of the French part of the forum dated of the 17th Sept.
For me, it is not good that a tool is rejected by an AntiVirus. My entry was to advise this fact and to know if the original from the producer of this tool have the same effect.
Like I had noted, the AVs that I will prefer to have don't find a problem but it was a lot to see 50% of AVs showing a problem.
Doing my entry, then only me will disturb the producer of the tool that there is a little problem and every body using the forum will be aware of that (for me, it is better than a private email that can be deleted or put in a spam mailbox). And if it was not the original file that was in the download file, it can be then different from the original uploaded several month ago.
Symantec is the AntiVirus on the PC of my job, I can't choose it. I have never buy an AV deliberately. On my own PC, I use a free AV which don't find a problem with this tool
Sorry for this OT but for me it should be made.
Now I have to test this tool
Best regards
I was aware of the vTFind tool with this entry of the French part of the forum dated of the 17th Sept.
For me, it is not good that a tool is rejected by an AntiVirus. My entry was to advise this fact and to know if the original from the producer of this tool have the same effect.
Like I had noted, the AVs that I will prefer to have don't find a problem but it was a lot to see 50% of AVs showing a problem.
Doing my entry, then only me will disturb the producer of the tool that there is a little problem and every body using the forum will be aware of that (for me, it is better than a private email that can be deleted or put in a spam mailbox). And if it was not the original file that was in the download file, it can be then different from the original uploaded several month ago.
Symantec is the AntiVirus on the PC of my job, I can't choose it. I have never buy an AV deliberately. On my own PC, I use a free AV which don't find a problem with this tool
Sorry for this OT but for me it should be made.
Now I have to test this tool
Best regards
#22273 Personal licence
2menet and users.menet wrote:I have not yet installed this tool version 1.0 beta 6 but when unzipping it, my Symantec AntiVirus (like Norton) have put the file TCMC.exe in the quarantine because he saids that the Trojan.Drondog infected it.
I'm sorry for the inconvenience. A related problem was reported time ago, on this thread. The author of TCMC is a well knows on this forum then the file is from a trust source.
Surely this will be not the last post about this file or another ones
I don't know options in symantec avir, but the most of antivirus can omit specified files to be scanned. Perhaps you can give a try to it.menet wrote:Symantec is the AntiVirus on the PC of my job, I can't choose it.
Best Regards.
I can read English, but... I write like Tarzan. (sorry)
-
chunwaihome
- Junior Member
- Posts: 75
- Joined: 2005-02-09, 04:38 UTC
2chunwaihome
Hello,
I have experimented this issue sometimes, usually when there is a cd-rom inserted or with slow network drives mapped. Currently the program check if there is data in all drives for try to show only available volumes where data exist. This could be the case (I think).
Could you check this archive? > vtfind_test.zip (1,2Mb). Simply put in same directory where currently is your vtfind.
There are two modified versions of vtfind:
Hello,
I have experimented this issue sometimes, usually when there is a cd-rom inserted or with slow network drives mapped. Currently the program check if there is data in all drives for try to show only available volumes where data exist. This could be the case (I think).
Could you check this archive? > vtfind_test.zip (1,2Mb). Simply put in same directory where currently is your vtfind.
There are two modified versions of vtfind:
- vtfind_a.exe Retrieve ready drives in a different way.
- vtfind_b.exe Retrieve all available drives in your system (It doesn't check if data in volumes is present)
I can read English, but... I write like Tarzan. (sorry)
New release, version 1.0 beta 7 (20090209).
vtfind_1.0.7.zip (vtfind_1.0.7.md5)
- Added: Copy path to clipboard.
Added: Copy name to clipboard.
Added: Copy name with full path to clipboard.
Added: Copy file content to clipboard (text).
Added: Run with parameters.
Added: Open path in DOS box.
Added: Run file in a DOS box (without close window).
Added: Menu entry for custom file managers.
Added: New entries for Help menu.
Added: Go to path in Total Commander.
Added: GotoOutPath=1 > Go to parent folder of path (in TC)
Added: More options were passed from vtfind.ini to GUI configuration dialog.
Added: Shell integration for drives and folders.
Added: Optional preload of tfind.exe for custom drives at startup Vtfind.
Added: Optional load searches results on fly.
Added: Dialog for integration with other file managers.
Added: Dialog with more options for configure integration of Total Commander.
Added: Custom font size for search results list.
Added: Change font size to main menu. CTRL+Num +, CTRL+Num -, CTRL+Num 0.
Added: Improved performance for get size and dates in "feed" to Total Commander.
Added: Better reorganization of vtfind.ini
Added: Date format according regional settings in status bar.
Added: Optional drive list show all available volumes or NTFS only (NTFSList=1).
Added: Save settings in main menu.
Added: Internal manifest resource for run as administrator by default.
Added: Detect Windows Vista for store configuration in not program directory.
Added: Changed TCMC.exe tool for an unpacked version (prevent false positives).
Fixed: List of languages not always loaded.
Fixed: Save List, not show mask file for alternative extensions.
Fixed: Time for take Drives list (for all drives).
Fixed: Order tabs.
Fixed: Enhance of status bar.
vtfind_1.0.7.zip (vtfind_1.0.7.md5)I can read English, but... I write like Tarzan. (sorry)
