Avoid Analog Obsession at all costs!

[scalawag]

i guess you guys need something fun to do. here's the thing. there is NO INSTALLER with AO. even if there was some malware (possible at some point), it never made it into my system, it would have been unloaded to where ever you unwrapped the file, and i just down loaded and installed AO update today with no problems lol. the guy has been around for a long time. his stuff is good. but yes, he does things differently. i think he should finish his product before posting it. he just hasn't been in a position to do that i guess. there are other folks who do things differently.

Exactly!

[scalawag]

all the malware you found on your OS was already there before you downloaded AO zip file.

You didn't get the point. Everyone is complaining about the zip file being infected. This was true.
But none of those who are complaining about spending their time cleaning their OS are saying that even if they have detected the malware in the zip file, they stupidly ran the plugins anyway! I really doubt they are that stupid on doing so. If they didn't run the plugins, the malware was not installed, and so all the malware they have found everywhere on the OS is not from that zip file! Is it so difficult to understand?

[Erisian]

If they didn't run the plugins, the malware was not installed,

That isn't necessarily true.

[claudedefaren]

Scalawag, you don't have to run a plugin for there to be malware in it.

To infect your computer and take 24h of your time to clean it, yes you have to run it!

That is incorrect.

[scalawag]

Scalawag, you don't have to run a plugin for there to be malware in it.

To infect your computer and take 24h of your time to clean it, yes you have to run it!

That is incorrect.

You've made my day!!

[Teksonik]

I would probably stay away from the dog if it bit me once and I would move on. I wouldn't publicly flog it.

No but you might warn others so they don't get bitten that is if you truly care about the good dogs as you do the bad.......

[Teksonik]

If no, sorry but all the malware you found on your OS was already there before you downloaded AO zip file.

No it wasn't. It was directly related to the AO downloads. That's the ONLY malware the scan found. The previous scan that was run as routine maintenance found nothing.

It's obvious you have no clue what you're talking about so please continue to live in blissful ignorance....

[Erisian]

If they didn't run the plugins, the malware was not installed,

One of the most common ways to become infected without running a file itself is to scan it with your anti-malware scanner ironically enough.

[Teksonik]

It twenty years of running AV software from just about every vendor that has never happened.

Please cite your sources.

[Erisian]

It twenty years of running AV software from just about every vendor that has never happened.

Please cite your sources.

A friend in systems, but I'll do a google when I am not so tired, in the meantime there might be something here but you'll have to read through it yourself.

https://security.stackexchange.com/ques ... g-the-file

Quoted from a senior security engineer
https://www.quora.com/Can-you-get-a-vir ... -the-trash

"The straight-up, scary truth is yes, in some cases simple downloading a malicious file to your computer may be enough to become infected. In fact, it is theoretically possible to become infected simply by receiving an email with a malicious attachment, even if you don’t open or read the email!

How is this possible? The primary example that comes to mind is very ironic: Anti-malware / Antivirus software! Yes, that is correct, it might be your anti-malware software that causes your machine to be infected with a virus. This is possible because most anti-malware products scan files in the background as soon as the product become aware of the files — like when you download a file with your web browser or when your email client downloads your Inbox locally (webmail excluded) and some of the emails have attachments. Most of the time, this is a good thing. The anti-malware software attempts to identify and flag malicious files. However, like all software, anti-malware software is susceptible to bugs. If a hacker is able to exploit a bug in the anti-malware scanning code, they could use this to infect your machine with no user interaction. There are documented cases of this being possible."

[scalawag]

Not all. Some of the 32 bit versions before everything was moved to Patreon were apparently infected as a result of a website attack.

No. I downloaded only the 64 bit plugins and got malware warnings as soon as I unzipped them. I didn't download any of the 32 bit plugins but still had to spend the next 24 hours cleaning malware from my system.

So unzipping them installed all that malware? What software have you used to unzip?

[Teksonik]

Oh a "friend in systems". Always a reliable source. I'll trust my time as a Beta Tester for a top rated Security Suite.

It is possible to trigger malware through a vulnerability in your AV software ? Yes. Is it a high probability if you use top rated and updated AV software ? No.

But what you're basically saying is it's the user fault in this case for scanning a file that is known to contain Gen Variant Razy not the fault of the person who delivered the file.

Ok whatever.......

[claudedefaren]

Scalawag, it's obvious you don't know what you're talking about and you are out of your league in this conversation. I recommend you keep your misguided smugness to yourself, if you wish to remain blissfully uneducated on the subject, as all it takes is a simple Google search for you to learn that you are wrong, and as they say, ignorance is indeed bliss.

[claudedefaren]

It twenty years of running AV software from just about every vendor that has never happened.

Please cite your sources.

A friend in systems, but I'll do a google when I am not so tired, in the meantime there might be something here but you'll have to read through it yourself.

https://security.stackexchange.com/ques ... g-the-file

Quoted from a senior security engineer
https://www.quora.com/Can-you-get-a-vir ... -the-trash

"The straight-up, scary truth is yes, in some cases simple downloading a malicious file to your computer may be enough to become infected. In fact, it is theoretically possible to become infected simply by receiving an email with a malicious attachment, even if you don’t open or read the email!

How is this possible? The primary example that comes to mind is very ironic: Anti-malware / Antivirus software! Yes, that is correct, it might be your anti-malware software that causes your machine to be infected with a virus. This is possible because most anti-malware products scan files in the background as soon as the product become aware of the files — like when you download a file with your web browser or when your email client downloads your Inbox locally (webmail excluded) and some of the emails have attachments. Most of the time, this is a good thing. The anti-malware software attempts to identify and flag malicious files. However, like all software, anti-malware software is susceptible to bugs. If a hacker is able to exploit a bug in the anti-malware scanning code, they could use this to infect your machine with no user interaction. There are documented cases of this being possible."

Yes, and to finish the quote:

"This attack scenario is possible with any software running in the background that operates on files without user interaction. Anti-malware software is just the most common place you see this behavior."

Now. Who here can think of any other possible software that might operate on plugins without user interaction?

[Teksonik]

So unzipping them installed all that malware? What software have you used to unzip?

Are you really trying to say it's the the fault of the program that was used to unzip the file THAT WAS KNOWN TO CONTAIN MALWARE ?

Come on now....even Analog Obsession ADMITTED the files were infected.

I give up.....