NAVIGATION
CATEGORIES
REFERRENCE
LINKS
Virus in Commercial Software?
14 answers - 446 bytes -
I recently purchased a copy of the Rosetta Stone language software, from an
Ebay seller in the UK. When I attempted to install the software, my Trend
Micro program popped up saying it had detected a file-infector called
PE_PARITE.A . It would not allow the installation to proceed. These discs
are completely original, not bootlegs. Why would Rosetta Stone include
something like this in their software, and what can I do about it?No.1 | | 1179 bytes |
| 
From: "Chris F." <zappymanNSPAM@hotmail.com>
| I recently purchased a copy of the Rosetta Stone language software, from an
| Ebay seller in the UK. When I attempted to install the software, my Trend
| Micro program popped up saying it had detected a file-infector called
| PE_PARITE.A . It would not allow the installation to proceed. These discs
| are completely original, not bootlegs. Why would Rosetta Stone include
| something like this in their software, and what can I do about it?
|
This may be a False Positive.
Rosetta Stone is a reputable software.
Determine what file is being deemed infected.
Then disable Trend Micro and submit the file sample to Virus Total --
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.
You can also submit a suspect, one at a time, via the following email URL
mailto:scan@virustotal.com?subject=SCAN
When you get the report, please post back the exact results.No.2 | | 661 bytes |
| Chris F. <zappymanNSPAM@hotmail.comwrote:
I recently purchased a copy of the Rosetta Stone language software, from an
Ebay seller in the UK. When I attempted to install the software, my Trend
Micro program popped up saying it had detected a file-infector called
PE_PARITE.A . It would not allow the installation to proceed. These discs
are completely original, not bootlegs. Why would Rosetta Stone include
something like this in their software, and what can I do about it?
Did you read the installation instructions? They usually say to disable
anti-virus software before starting the install. That's why.No.3 | | 679 bytes |
| "Chris F." <zappymanNSPAM@hotmail.comwrote in
news:WTkfg.15595$A26.363380@ursa-nb00s0.nbnet.nb.ca:
I recently purchased a copy of the Rosetta Stone language software,
from an Ebay seller in the UK. When I attempted to install the
software, my Trend Micro program popped up saying it had detected a
file-infector called PE_PARITE.A . It would not allow the installation
to proceed. These discs are completely original, not bootlegs. Why
would Rosetta Stone include something like this in their software, and
what can I do about it?
You can temporarily disable your antivirus scanner. It is probably a false
alarm with Trend.No.4 | | 469 bytes |
|
Chris F. wrote:
I recently purchased a copy of the Rosetta Stone language software, from an
Ebay seller in the UK. When I attempted to install the software, my Trend
Micro program popped up saying it had detected a file-infector called
PE_PARITE.A . It would not allow the installation to proceed. These discs
are completely original, not bootlegs. Why would Rosetta Stone include
something like this in their software, and what can I do about it?No.5 | | 181 bytes |
|
You can temporarily disable your antivirus scanner. It is probably a false
alarm with Trend.
That's what I figured, I will give that a try.No.6 | | 1292 bytes |
|
"Axel Hammerschmidt" <hlexa@hotmail.comwrote in message news:1hg84g8.1l8kv6u1fen63sN%hlexa@hotmail.com
Chris F. <zappymanNSPAM@hotmail.comwrote:
I recently purchased a copy of the Rosetta Stone language software, from an
Ebay seller in the UK. When I attempted to install the software, my Trend
Micro program popped up saying it had detected a file-infector called
PE_PARITE.A . It would not allow the installation to proceed. These discs
are completely original, not bootlegs. Why would Rosetta Stone include
something like this in their software, and what can I do about it?
It is possible, though unlikely, that it was infected prior to distribution. There
have been cases like that in the past.
Did you read the installation instructions? They usually say to disable
anti-virus software before starting the install. That's why.
Because they knew it was infected with PE_PARITE.A? :))
A legitimate installation executable can get infected just as easily as any
other suitable (PE) program. Why would I want to deactivate my AV
to execute an installer program. Fact is - I would want to have it running
so that malware could be detected as it was extracted from wherever it
was stored.No.7 | | 1115 bytes |
| I turned off my AV software to install the program, and now - perhaps not
surprisingly - my AV software is frequently popping up to inform me of
infected files on my hard drive. Some are programs I use, some are not - it
seems to be completely random. I'm now uninstalling Rosetta Stone, and going
to to a throrough scan & quarantine.
This program obviously must have been infected after all. So what do I do
now, contact the distributor and inform them of the problem?
"Chris F." <zappymanNSPAM@hotmail.comwrote in message
news:WTkfg.15595$A26.363380@ursa-nb00s0.nbnet.nb.ca
>I recently purchased a copy of the Rosetta Stone language software, from an
>Ebay seller in the UK. When I attempted to install the software, my Trend
>Micro program popped up saying it had detected a file-infector called
>PE_PARITE.A . It would not allow the installation to proceed. These discs
>are completely original, not bootlegs. Why would Rosetta Stone include
>something like this in their software, and what can I do about it?
>No.8 | | 1872 bytes |
| edgewalker <null@null.invalidwrote:
"Axel Hammerschmidt" <hlexa@hotmail.comwrote in message news:1hg84g8.1l8kv6u
1fen63sN%hlexa@hotmail.com
Chris F. <zappymanNSPAM@hotmail.comwrote:
I recently purchased a copy of the Rosetta Stone language software,
from an Ebay seller in the UK. When I attempted to install the
software, my Trend Micro program popped up saying it had detected a
file-infector called PE_PARITE.A . It would not allow the installation
to proceed. These discs are completely original, not bootlegs. Why
would Rosetta Stone include something like this in their software, and
what can I do about it?
It is possible, though unlikely, that it was infected prior to
distribution. There have been cases like that in the past.
Name one. The discs are completely original.
Did you read the installation instructions? They usually say to disable
anti-virus software before starting the install. That's why.
Because they knew it was infected with PE_PARITE.A? :))
You will not be able to install most software without disabling AV. Some
small freeware/shareware programs can.
A legitimate installation executable can get infected just as easily as any
other suitable (PE) program.
Gets infected as easily as any other program? That's a sweeping
statement. How?
Why would I want to deactivate my AV to execute an installer program. Fact
is - I would want to have it running so that malware could be detected as
it was extracted from wherever it was stored.
Not only deactivate your AV, but you run as Admin when installing
software. The installation needs to have acces to vital parts of your
operating system. And of course, you do not normally run as Admin, do
you? No of course not! How stupid of meNo.9 | | 2343 bytes |
| From: "Axel Hammerschmidt" <hlexa@hotmail.com>
| edgewalker <null@null.invalidwrote:
|
>"Axel Hammerschmidt" <hlexa@hotmail.comwrote in message news:1hg84g8.1l8kv6u
>1fen63sN%hlexa@hotmail.com
Chris F. <zappymanNSPAM@hotmail.comwrote:
I recently purchased a copy of the Rosetta Stone language software,
from an Ebay seller in the UK. When I attempted to install the
software, my Trend Micro program popped up saying it had detected a
file-infector called PE_PARITE.A . It would not allow the installation
to proceed. These discs are completely original, not bootlegs. Why
would Rosetta Stone include something like this in their software, and
what can I do about it?
>>
>It is possible, though unlikely, that it was infected prior to
>distribution. There have been cases like that in the past.
|
| Name one. The discs are completely original.
|
Did you read the installation instructions? They usually say to disable
anti-virus software before starting the install. That's why.
>>
>Because they knew it was infected with PE_PARITE.A? :))
|
| You will not be able to install most software without disabling AV. Some
| small freeware/shareware programs can.
|
>A legitimate installation executable can get infected just as easily as any
>other suitable (PE) program.
|
| Gets infected as easily as any other program? That's a sweeping
| statement. How?
|
>Why would I want to deactivate my AV to execute an installer program. Fact
>is - I would want to have it running so that malware could be detected as
>it was extracted from wherever it was stored.
|
| Not only deactivate your AV, but you run as Admin when installing
| software. The installation needs to have acces to vital parts of your
| operating system. And of course, you do not normally run as Admin, do
| you? No of course not! How stupid of me
It is possible. Even Microsoft had this problem -- once.
The Korean division of Microsoft once shipped packaged CDRMs with a virus on it.No.10 | | 1250 bytes |
| From: "Chris F." <zappymanNSPAM@hotmail.com>
| I turned off my AV software to install the program, and now - perhaps not
| surprisingly - my AV software is frequently popping up to inform me of
| infected files on my hard drive. Some are programs I use, some are not - it
| seems to be completely random. I'm now uninstalling Rosetta Stone, and going
| to to a throrough scan & quarantine.
| This program obviously must have been infected after all. So what do I do
| now, contact the distributor and inform them of the problem?
You need to prove the point first. You have not done so.
As I stated much earlier in this thread
Determine what file is being deemed infected.
Then disable Trend Micro and submit the file sample to Virus Total --
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.
You can also submit a suspect, one at a time, via the following email URL
mailto:scan@virustotal.com?subject=SCAN
When you get the report, please post back the exact results.No.11 | | 400 bytes |
| From: "Chris F." <zappymanNSPAM@hotmail.com>
| A scan of the hard drive turned up some 88 infected .EXE files. I somehow
| don't think an original vendors disc is supposed to do that.
|
You still haven't followed my directions.
Nor have you detailed the 88 fully qualified names and paths to the EXE files and what they
were declared to be infected with.No.12 | | 1532 bytes |
| A scan of the hard drive turned up some 88 infected .EXE files. I somehow
don't think an original vendors disc is supposed to do that.
"David H. Lipman" <DLipman~nospam~@Verizon.Netwrote in message
news:aUjgg.2348$PY6.1150@trnddc05
From: "Chris F." <zappymanNSPAM@hotmail.com>
| I turned off my AV software to install the program, and now - perhaps
not
| surprisingly - my AV software is frequently popping up to inform me of
| infected files on my hard drive. Some are programs I use, some are not -
it
| seems to be completely random. I'm now uninstalling Rosetta Stone, and
going
| to to a throrough scan & quarantine.
| This program obviously must have been infected after all. So what do I
do
| now, contact the distributor and inform them of the problem?
--
You need to prove the point first. You have not done so.
As I stated much earlier in this thread
Determine what file is being deemed infected.
Then disable Trend Micro and submit the file sample to Virus Total --
The submission will then be tested against many different AV vendor's
scanners.
That will give you an idea what it is and who recognizes it. In addition,
unless told
otherwise, Virus Total will provide the sample to all participating
vendors.
You can also submit a suspect, one at a time, via the following email
URL
mailto:scan@virustotal.com?subject=SCAN
When you get the report, please post back the exact results.No.13 | | 659 bytes |
| May 31, 2006, Chris F. wrote:
I recently purchased a copy of the Rosetta Stone language software, from an
Ebay seller in the UK. When I attempted to install the software, my Trend
Micro program popped up saying it had detected a file-infector called
PE_PARITE.A . It would not allow the installation to proceed. These discs
are completely original, not bootlegs. Why would Rosetta Stone include
something like this in their software, and what can I do about it?
--
thing no one has mentioned is contacting the developers. Maybe you could
match up exe file sizes and dates, or ask if this is normal behavior.No.14 | | 2290 bytes |
|
"Axel Hammerschmidt" <hlexa@hotmail.comwrote in message news:1hgd7ng.eawzfy1w9uimwN%hlexa@hotmail.com
edgewalker <null@null.invalidwrote:
"Axel Hammerschmidt" <hlexa@hotmail.comwrote in message news:1hg84g8.1l8kv6u
1fen63sN%hlexa@hotmail.com
Chris F. <zappymanNSPAM@hotmail.comwrote:
I recently purchased a copy of the Rosetta Stone language software,
from an Ebay seller in the UK. When I attempted to install the
software, my Trend Micro program popped up saying it had detected a
file-infector called PE_PARITE.A . It would not allow the installation
to proceed. These discs are completely original, not bootlegs. Why
would Rosetta Stone include something like this in their software, and
what can I do about it?
It is possible, though unlikely, that it was infected prior to
distribution. There have been cases like that in the past.
Name one.
No.
The discs are completely original.
Doesn't matter.
Did you read the installation instructions? They usually say to disable
anti-virus software before starting the install. That's why.
Because they knew it was infected with PE_PARITE.A? :))
You will not be able to install most software without disabling AV. Some
small freeware/shareware programs can.
What is it that they do that is so special that AV must be disabled?
A legitimate installation executable can get infected just as easily as any
other suitable (PE) program.
Gets infected as easily as any other program?
I said 'suitable (PE) program'.
That's a sweeping statement. How?
By a (PE) file virus. This is what file viruses do.
Why would I want to deactivate my AV to execute an installer program. Fact
is - I would want to have it running so that malware could be detected as
it was extracted from wherever it was stored.
Not only deactivate your AV, but you run as Admin when installing
software. The installation needs to have acces to vital parts of your
operating system. And of course, you do not normally run as Admin, do
you? No of course not! How stupid of me
course I do, I use Win98 - where everyone can be admin. ;))
QUESTION ON "Computer Virus"
- rtf file risks?
- rtf file risks?
- yikes! anybody got this problem?
- Once Again, Symantec Screws the Pooch
- 06/06/2006
- Which one AVG OR NORTON?
- Scanning for Viruses-1.
- LOOKING FOR MEMBERS FOR GROUP
- LOOKING FOR MEMBERS FOR GROUP
- Seeing massive access attempts on port 21098
- HELP - I NEED A VIRUS
- help getting rid of proxy.zorpix.u (artm_new.dll)
- Scanning for viruses-2.
- System Restore vs. ERUNT.
- antivir vs avast and avg and mcafee/norton/pc-cillin?
- Teen Sister In the shower hidden Cam
- More sites forcing virus downloads?
- Freedom AV confusion - is there adware in the online scanner ?
- Comodo Antivirus
- Norton AV 2005 version. I HAVE NEVER FOUND A VIRUS ? WHY?