-=PCTechTalk=- Re: Slipstreaming and cloning WAS: Re: Email Clients . . . 2 at once?

  • From: "Don101" <don101@xxxxxxxxxx>
  • To: <pctechtalk@xxxxxxxxxxxxx>
  • Date: Tue, 23 Sep 2008 11:24:36 -0400

WOW.  Even with a full Gig of RAM allotted to the VM, working with 
PortableApps PAM and with LupoPenSuite's version of ASuite is extremely 
slow.  I think I will move my work zone for these to the host instead. 
Otherwise the newly created XP Pro install ISO works fine (so far).

So far I definitely prefer the PortableApps launcher over ASuite. 
Especially since I found an "unofficial" fork that adds a much needed 
feature: menu folders (categories) for apps.  It also adds several 
other useful features.  I am downloading that now and will be looking 
at it.

I may still strip everything and just click on a shortcut to the 
exe... especially if I can figure out how to create a "menu" to stick 
in the top right of the START menu like is done with My Documents and 
My Computer etc.

Additional comments are mixed in below and separated by the usual 
*****.


Don

----- Original Message ----- 
From: "Gman" <gman.pctt@xxxxxxxxx>
To: <pctechtalk@xxxxxxxxxxxxx>
Sent: Monday, September 22, 2008 9:30 PM
Subject: -=PCTechTalk=- Re: Slipstreaming and cloning WAS: Re: Email 
Clients . . . 2 at once?


> Don,
>    For my project, ALL of those 'collections' are immediately stripped
> since I have to test each app & utility on their own merits (within the
> sandbox, of course).  I already stripped out the two larger collections
> you mentioned in your reply.


*****

I will likely be hunting for additional apps and collections after I 
finish with these two.  Suggestions are welcome.

*****
>    I have found that a LOT of portable apps were created using a type of
> packager (the compression scheme) that automatically gets them flagged
> as possible malware by different AV programs because it's the same
> packager used by many malware authors.  To get around this, I have to
> tell the AV to ignore the file, temporarily disable the AV, upload the
> file to VirusTotal and then check the results there to see what over 30
> different AV engines have to say.  In most cases, I'm finding that the
> flag is just the result of suspicion based on the packager and is not
> based on any true malware threat.  In other words, the last two months
> of working on this project have taught me a LOT about the origins of
> False Positives.  If my approach interests you, download and install
> the VirusTotal Uploader utility.  It'll put a VirusTotal entry in your
> Send To folder that you can use to test any file on your hard drive.
> Right click a file, go to SendTo > VirusTotal and the file will upload.
> Your browser will then open and show you the results.  If you're
> testing a file that's been flagged by your own AV, the AV must be told
> to ignore the file and then disabled before the file can be sent to the
> site for analysis.  Otherwise, the AV will have a lock on the file that
> will prevent the upload.

*****
At first I was having some problems in the VM with the display 
drawing/not drawing correctly and other things.  Since this was a new 
install and some work was done on the internet before all security 
software was installed and updated I suspected maybe a virus or other 
malware.  I apparently started a scan in the VM but the problems 
prevented me from actually _knowing_ I did.  I dropped to the host and 
launched a scan there also.  Long time later CA on the host reported 
one malware quarantined and one .exe deleted.  The VM scan reported 
everything clean.

On the host scan the following was found:

win32/adclicker.JO, a trojan, was found in epm.exe (on host only drive, 
in folder of old stuff copied from old install on laptop).  epm.exe 
was deleted.

win32/Malum.DNOR, an unknown type, was found in lightup.exe in an area 
shared with host and VM.  It was quarantined and I then deleted it.

Lightup.exe is a puzzle game that is part of the LupoPenSuite.  I 
suspect that was a false positive but I don't care.  I deleted it 
anyway as I am very unlikely to ever play it.

I have not yet done any research on either the malware or the files 
they infected.

*****

>    If you're looking for more PA sites, I will send them in as I come
> across them.  I know of at least five such collections, but I don't
> have access to those links right now.  In the meantime, here's one that
> has a few items that might be of interest.
>
> http://www.docsdownloads.com/Tier1/direct.htm


*****
I took a quick visit there.  I did not see anything there that 
referred to those apps as "portable".  Is this just some useful tools 
or are they all supposed to be portable?  Adobe PDF Reader is not 
portable as far as I know so I assume the former.

*****

>    Once I have my own collection selected and organized, I will begin
> testing of the numerous utilities used to 'package' collections like
> this (the reverse of stripping them).

So far I really like the PAM from Portableapps.com.  Probably even 
more so after I get a whack at the unofficial fork mentioned above.

Look here:
http://ptc-kain-planet.de/mod.php

and here:

http://ptc-kain-planet.de/details.php?file=283

(the download link is located just above the dark pink bar labeled 
File Toolbox)

*****
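
The packager-based flags Gman describes in the quoted message come down to a measurable property: a compressed executable's sections look like random data, which is one thing heuristic scanners commonly key on. The Python sketch below is an added example, not code from either poster; it reads the PE section table and reports per-section entropy, and the 7.0 threshold, the section names and the sample image are all constructed assumptions.

```python
import hashlib
import math
import struct

ENTROPY_THRESHOLD = 7.0  # assumed cut-off; compressed or encrypted data approaches 8.0

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def pe_sections(image: bytes):
    """Return [(section name, entropy of its raw data)] for a PE image."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)      # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (n_sections,) = struct.unpack_from("<H", image, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)
    table = pe_off + 24 + opt_size                         # first section header
    out = []
    for i in range(n_sections):
        hdr = table + 40 * i
        name = image[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", image, hdr + 16)
        out.append((name, shannon_entropy(image[raw_ptr:raw_ptr + raw_size])))
    return out

def looks_packed(image: bytes):
    """Names of sections whose entropy exceeds the assumed threshold."""
    return [name for name, h in pe_sections(image) if h > ENTROPY_THRESHOLD]

def build_sample() -> bytes:
    """Constructed two-section image for the demo; not a real program."""
    plain = b"\x55\x8b\xec\x90" * 1024   # repetitive bytes, like ordinary code
    dense = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # stand-in for compressed data
    head = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    head += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    data_off = len(head) + 2 * 40
    sec = lambda n, size, ptr: struct.pack("<8sIIIIIIHHI", n, size, 0x1000, size, ptr, 0, 0, 0, 0, 0)
    head += sec(b".text", len(plain), data_off) + sec(b".packed", len(dense), data_off + len(plain))
    return head + plain + dense

if __name__ == "__main__":
    for name, h in pe_sections(build_sample()):
        print(f"{name:8} {h:.2f}")
    print("high-entropy sections:", looks_packed(build_sample()))
```

High entropy only says a section is compressed or encrypted; it says nothing about what the unpacked code does, which is why a packer-only flag still needs a second opinion.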
