Page 6 of 6 FirstFirst ... 456
Results 51 to 57 of 57

Thread: Microsoft: piracy is getting virusy

  1. #51
    David_B Guest

    Re: Microsoft: piracy is getting virusy

    FromTheRafters wrote:
    > 8.3 days


    Now *that* sure took me back! http://en.wikipedia.org/wiki/8.3_filename

  2. #52
    Ant Guest

    Re: Microsoft: piracy is getting virusy

    "FromTheRafters" wrote:

    > I've read somewhere that one needs to edit the registry so as to allow
    > creation of filenames with such characters.


    Only if you're using the keyboard. I wrote a test program using the
    CreateFileW function. The ending 'W' means a unicode string is
    required for the filename so I could be sure I was using the correct
    character.

    > If so, I'm wondering if the
    > same disallowance applies to such files extracted from archive files. I
    > have only ever seen these where the name actually comes from within an
    > archive file.


    No, it doesn't. Any program can create a file with a unicode name
    irrespective of registry settings. After all, the native Windows API
    uses unicode exclusively. My test program gave the expected visual
    result on XP but not on Win2k (in neither case was the registry value
    set), so the older Explorer GUI did not recognise the RLO character.
    However, my W2k is so heavily tweaked that it's possible something
    else is preventing it from working!



  3. #53
    FromTheRafters Guest

    Re: Microsoft: piracy is getting virusy

    Ant used his keyboard to write :
    > "FromTheRafters" wrote:
    >
    >> I've read somewhere that one needs to edit the registry so as to allow
    >> creation of filenames with such characters.

    >
    > Only if you're using the keyboard. I wrote a test program using the
    > CreateFileW function. The ending 'W' means a unicode string is
    > required for the filename so I could be sure I was using the correct
    > character.
    >
    >> If so, I'm wondering if the
    >> same disallowance applies to such files extracted from archive files. I
    >> have only ever seen these where the name actually comes from within an
    >> archive file.

    >
    > No, it doesn't. Any program can create a file with a unicode name
    > irrespective of registry settings. After all, the native Windows API
    > uses unicode exclusively. My test program gave the expected visual
    > result on XP but not on Win2k (in neither case was the registry value
    > set), so the older Explorer GUI did not recognise the RLO character.
    > However, my W2k is so heavily tweaked that it's possible something
    > else is preventing it from working!


    Thanks Ant, now I don't have to wonder about that anymore. I have heard
    (or read) Unicode characters being referred to as "wide" characters
    which is likely what the "W" means in the CreateFileW function.



  4. #54
    Ant Guest

    Re: Microsoft: piracy is getting virusy

    "FromTheRafters" wrote:

    > Thanks Ant, now I don't have to wonder about that anymore. I have heard
    > (or read) Unicode characters being referred to as "wide" characters
    > which is likely what the "W" means in the CreateFileW function.


    Yep, 'W' is wide, meaning unicode (why didn't they use 'U'?) and 'A'
    is normal, meaning ANSI (how it looks depends on your language
    settings). The suffixes apply to Win API functions that have strings
    as parameters. Normally you omit them (e.g. use CreateFile) and the
    correct version is substituted, depending on your compiler settings.



  5. #55
    David_B Guest

    Re: Microsoft: piracy is getting virusy

    Ant wrote:
    > "FromTheRafters" wrote:
    >
    >> Thanks Ant, now I don't have to wonder about that anymore. I have heard
    >> (or read) Unicode characters being referred to as "wide" characters
    >> which is likely what the "W" means in the CreateFileW function.

    >
    > Yep, 'W' is wide, meaning unicode (why didn't they use 'U'?) and 'A'
    > is normal, meaning ANSI (how it looks depends on your language
    > settings). The suffixes apply to Win API functions that have strings
    > as parameters. Normally you omit them (e.g. use CreateFile) and the
    > correct version is substituted, depending on your compiler settings.


    Excuse me butting in Ant, but I'd very much like your opinion on what
    was said about file names by a clever fellow when I was posting in the
    Kaspersky forums.

    To save reinventing the wheel, please look here: Message-ID:
    <wfqdnX669MFX6BzNnZ2dnUVZ8tmdnZ2d@bt.com>

    http://al.howardknight.net/msgid.cgi...2d%40bt.com%3E

    Does the post made by Paul (aka p2U) make good sense to you?

    Maybe you feel he was mistaken, perhaps.

    My thanks in anticipation of your help. :-)


  6. #56
    Ant Guest

    Re: Microsoft: piracy is getting virusy

    "David_B" wrote:

    > Excuse me butting in Ant, but I'd very much like your opinion on what
    > was said about file names by a clever fellow when I was posting in the
    > Kaspersky forums.
    >
    > To save reinventing the wheel, please look here: Message-ID:
    > <wfqdnX669MFX6BzNnZ2dnUVZ8tmdnZ2d@bt.com>
    >
    > http://al.howardknight.net/msgid.cgi...2d%40bt.com%3E
    >
    > Does the post made by Paul (aka p2U) make good sense to you?


    He's talking about MalwareBytes detection of some files by name only
    being a bad idea. While names can be an indication of malware, a
    scanner ought to look deeper. Most malware uses randomly generated
    names so it's pointless adding such a name to a list of bad actors.
    However, it may be that a particular malware reliably uses the same
    path and name which the scanner authors feel can be removed without
    further inspection. I don't know if that's the case here. Obviously
    such a method will cause problems if a legitimate application using
    that name is installed.



  7. #57
    David_B Guest

    Re: Microsoft: piracy is getting virusy

    Ant wrote:
    > "David_B" wrote:
    >
    >> Excuse me butting in Ant, but I'd very much like your opinion on what
    >> was said about file names by a clever fellow when I was posting in the
    >> Kaspersky forums.
    >>
    >> To save reinventing the wheel, please look here: Message-ID:
    >> <wfqdnX669MFX6BzNnZ2dnUVZ8tmdnZ2d@bt.com>
    >>
    >> http://al.howardknight.net/msgid.cgi...2d%40bt.com%3E
    >>
    >> Does the post made by Paul (aka p2U) make good sense to you?

    >
    > He's talking about MalwareBytes detection of some files by name only
    > being a bad idea. While names can be an indication of malware, a
    > scanner ought to look deeper. Most malware uses randomly generated
    > names so it's pointless adding such a name to a list of bad actors.
    > However, it may be that a particular malware reliably uses the same
    > path and name which the scanner authors feel can be removed without
    > further inspection. I don't know if that's the case here. Obviously
    > such a method will cause problems if a legitimate application using
    > that name is installed.


    Many thanks for your comments, Ant.

    Much appreciated! :-)


Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •