Trojan.VB.VZO

Page 3 of 5

  1. Posts : 8,398
    ultimate 64 sp1
       #21

    DJG said:
    Well, I have been reluctant to do anything that might remotely trigger the potential malware, not even opening the archive with Winzip (I actually have a license, how anal is that!) until I have a better handle on the sitch.
    very understandable, DJG. one thing i don't understand is why people still use winzip? i gave it up years ago ever since windows (was it xp) started supporting zips 'out of the box'.

    don't get me wrong, i'm not criticising you using it, just wondering what advantages winzip has over windows explorer in dealing with zip files.


  2. Posts : 2,899
    Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
       #22

    DJG said:
    Well, I have been reluctant to do anything that might remotely trigger the potential malware, not even opening the archive with Winzip (I actually have a license, how anal is that!) until I have a better handle on the sitch.
    ok there shouldnt be any problem extracting the file...
    And unfortunately it appears my false positive gone experience wasn't quite true. What happened is I did a file-specific right-click / Scan for malware, and apparently that works differently, or possibly doesn't work as expected in Win 7 which is still in beta trim for this release. I just did another full system scan and they (I have two copies currently) showed up again.
    hmm interesting
    The good news? The same sig showed up this time three times, the two zip archives, and an OCX in my 7232 partition's SysWOW64, mswinsck.ocx which is a skimpy 106KB. And it matches what might have been installed by that installation ZIP. I'll send that and see what happens now.

    BTW, the right-click / Scan for malware gives positive on the OCX file, but not on the ZIP that seems to contain it.

    since it's an OCX file it's not executable by default...
    it should be fine...
    one great way to check whether it's a false positive is to see whether it has a valid signature...
    if it does then by all means it's a false positive...


  3. DJG
    Posts : 1,008
    Windows 7 RTM x64
    Thread Starter
       #23

    mickey megabyte said:
    very understandable, DJG. one thing i don't understand is why people still use winzip? i gave it up years ago ever since windows (was it xp) started supporting zips 'out of the box'.

    don't get me wrong, i'm not criticising you using it, just wondering what advantages winzip has over windows explorer in dealing with zip files.
    I actually like the interface better, and I got the license the year before it got integrated into Win Explorer. Also I prefer to explicitly deal with the archive environment separately from the filesystem. I think I did one upgrade, to v10. It does have nicer functionality, but if I didn't have that original license I just might be using the Win Explorer integration too. I'm just showing my age.

    OK, I went through all sorts of hoops to try and get a hold of the mswinsck.ocx file to send it to Agnitum but security would not let me do anything with it, saying I needed permissions, it said it couldn't display the owner when I tried to take ownership, bla, bla. I started to get worried as it looked like they'd made the file untouchable. Then I realized it might be the AV trying to protect me. Bingo. I momentarily disabled protection and was able to submit it as a suspect infection with a brief history. Well, I really can't complain even if it turns out to be a false (I'm hoping), it seems to be doing its job.

    Plus it forced me to do a clean install of 385 instead of the upgraded 384, which will make many people in this forum happy. It was coming once I got comfy but now I'm there a bit sooner. Minus my lovely Brit Lass voice to croon to me. Let's see if I get a response from Agnitum.


  4. DJG
    Posts : 1,008
    Windows 7 RTM x64
    Thread Starter
       #24

    darkassain said:
    ok there shouldn't be any problem extracting the file...
    ... into somebody else's PC

    darkassain said:
    since it's an OCX file it's not executable by default...
    it should be fine...
    Paranoia often makes you take little for granted and assumptions for what they are

    darkassain said:
    one great way to check whether it's a false positive is to see whether it has a valid signature...
    if it does then by all means it's a false positive...
    Good point on the sig, but again, I trust very little at this point until (if) I hear from Agnitum. Here's that for you. Whadda ya think?
    [Attached image: Trojan.VB.VZO-maldigsig.jpg]


  5. Posts : 2,899
    Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
       #25

    DJG said:
    Good point on the sig, but again, I trust very little at this point until (if) I hear from Agnitum. Here's that for you. Whadda ya think?
    click on the sig itself and then click the details button...
    [Attached image: Trojan.VB.VZO-details.png]
    if the sig checks out then there is NO way (emphasis on "no way"...) it's malware...
    if this is the RTM mswinsck file send the zip file (i don't know how Agnitum handles FPs) since this is a very important file...
    if it does not then there might be tampering going on...
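The signature check suggested in this post, scripted so the result can be read off in one go rather than clicked through in the file properties dialog. This is an added example, not code from the thread; the file path is the one mentioned in the discussion and is an assumption you should adjust. A Valid status only says the file is unmodified since signing and who signed it, so compare the signer and company name with what you expect for that file.

```powershell
# Added example: inspect a file flagged by the AV scanner before deciding
# whether the detection is a false positive. Path below is assumed; change it
# to wherever the scanner reported the file.
$Path = 'C:\Windows\SysWOW64\mswinsck.ocx'

function Test-SuspectFile {
    param([Parameter(Mandatory)][string]$FilePath)

    if (-not (Test-Path -LiteralPath $FilePath)) {
        throw "File not found: $FilePath"
    }

    $item = Get-Item -LiteralPath $FilePath
    $sig  = Get-AuthenticodeSignature -FilePath $FilePath
    $hash = (Get-FileHash -LiteralPath $FilePath -Algorithm SHA256).Hash

    [pscustomobject]@{
        File            = $FilePath
        SizeKB          = [math]::Round($item.Length / 1KB, 1)
        SHA256          = $hash                      # quote this when submitting to the vendor
        SignatureStatus = $sig.Status                # Valid, NotSigned, HashMismatch, NotTrusted ...
        StatusMessage   = $sig.StatusMessage
        Signer          = $sig.SignerCertificate.Subject
        SignerThumb     = $sig.SignerCertificate.Thumbprint
        CertExpires     = $sig.SignerCertificate.NotAfter
        Timestamped     = [bool]$sig.TimeStamperCertificate   # timestamp keeps an expired cert valid
        CompanyName     = $item.VersionInfo.CompanyName
        FileVersion     = $item.VersionInfo.FileVersion
    }
}

$result = Test-SuspectFile -FilePath $Path
$result | Format-List

# Turn the status into the decision the thread is making by hand.
switch ($result.SignatureStatus) {
    'Valid'        { 'Signature chains to a trusted root; check Signer/CompanyName match what you expect for this file.' }
    'HashMismatch' { 'File contents no longer match the signature: treat as tampered, keep it quarantined.' }
    'NotSigned'    { 'Nothing to verify; rely on the hash and the vendor response instead.' }
    default        { "Signature could not be verified: $($result.StatusMessage)" }
}
```

If the AV driver blocks reading the file (as the thread reports), run this from an elevated prompt after the scanner's self-protection is paused, then re-enable it.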


  6. DJG
    Posts : 1,008
    Windows 7 RTM x64
    Thread Starter
       #26

    You are of course right, I'm getting over my initial paranoia attack. Between that and my still-somewhat-there tooth ache, and my PITA neighbor complaining about some fronds that slightly tilt over her side of the fence, it was just getting too overwhelming at once.

    And actually everything looks rather kosher from the sig end. I'm breathing much easier now:
    [Attached images: Trojan.VB.VZO-maldigsig2.jpg, Trojan.VB.VZO-maldigsig3.jpg]


  7. DJG
    Posts : 1,008
    Windows 7 RTM x64
    Thread Starter
       #27

    darkassain said:
    click on the sig itself and then click the details button...
    [Attached image: Trojan.VB.VZO-details.png]
    if the sig checks out then there is NO way (emphasis on "no way"...) it's malware...
    if this is the RTM mswinsck file send the zip file (i don't know how Agnitum handles FPs) since this is a very important file...
    if it does not then there might be tampering going on...
    Actually this is not a core file - it's not part of the MS distribution. It doesn't show up in my current 7600 install since I haven't installed the ZIP file this time around. There's a similarly named DLL that is though, mswsock.dll.


  8. Posts : 2,899
    Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
       #28

    DJG said:
    Actually this is not a core file - it's not part of the MS distribution. It doesn't show up in my current 7600 install since I haven't installed the ZIP file this time around. There's a similarly named DLL that is though, mswsock.dll.
    rightly noted DJG....
    you are correct of course, the dll is the critical one not the ocx (got the two files mixed up....)...


  9. DJG
    Posts : 1,008
    Windows 7 RTM x64
    Thread Starter
       #29

    And a very important file it is. Sock management is very important. Socks keep your feet warm in the winter, and your shoes from getting smelly. Managing Win sockets is also very important.

    BTW, I've been trying to fathom "In a ... lazy eight portal?

    And FYI, I believe Marie Antoinette did - or at least so I've been told. Might want to check it out, though I think she's out in France somewhere, and probably doesn't even visit the forum ... most likely not something you'd want to lose your head over.


  10. Posts : 685
    Windows 7 32bit RTM
       #30

    I'd say change your AV o.O;

