Thursday, November 9, 2017

False antivirus reports on installers created with WinRAR


I recently observed that Setup files created with WinRar have a high false positive detection rate from antiviruses.
Here are the conclusions of some tests I made in order to reduce the false positive rate:

RAR version    SFX module     Detection ratio
WinRar 3.11      32bit             1/66
WinRar 4.2       32bit?            3/66
WinRar 5.50      32bit             6/67
WinRar 5.50      64bit             1/67

Notes:
The detection ratio is not affected by the 32/64 bit version of the WinRAR program at all.
However, it is strongly affected by the SFX module used.

The test file created with WinRar was named Setup.exe and it contained a single URL file in it.
In one test, the Setup file was packed with UPX. This reduced the detection ratio from:
 8 false positives to only 4
 6 false positives to 6 (no reduction), in another case

A program built in Delphi raises more false positives if 'Compiler optimizations' is on.
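An added example, not part of the original post: the tests above vary two things, the bitness of the SFX module and whether UPX was applied, and both can be read back from an installer's PE header before it is submitted for scanning. The function names and the header-only sample images are constructed for this example.

```python
import struct

# Machine values defined by the PE/COFF specification.
MACHINES = {0x014C: "32-bit (x86)", 0x8664: "64-bit (x64)"}

def inspect_pe(data: bytes) -> dict:
    """Report the stub bitness and section names of a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header: Machine, NumberOfSections, 3 unused dwords,
    # SizeOfOptionalHeader, Characteristics (20 bytes in total).
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", data, pe_off + 4)
    sect_off = pe_off + 24 + opt_size      # section table follows optional header
    names = []
    for i in range(nsect):
        raw = data[sect_off + 40 * i: sect_off + 40 * i + 8]  # 8-byte name field
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return {
        "bitness": MACHINES.get(machine, hex(machine)),
        "sections": names,
        # Default UPX builds name their sections UPX0/UPX1; a renamed
        # section would not be caught by this simple check.
        "upx": any(n.startswith("UPX") for n in names),
    }

def make_sample(machine: int, section_names: list) -> bytes:
    """Build a constructed, header-only PE image (not a real installer)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", machine, len(section_names), 0, 0, 0, 0, 0)
    table = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32
                     for n in section_names)
    return dos + b"PE\0\0" + coff + table

if __name__ == "__main__":
    plain32 = make_sample(0x014C, [".text", ".rdata", ".data", ".rsrc"])
    packed64 = make_sample(0x8664, ["UPX0", "UPX1", ".rsrc"])
    for label, blob in (("plain 32-bit stub", plain32),
                        ("UPX-packed 64-bit stub", packed64)):
        print(label, inspect_pe(blob))
```

To check a real file, pass `open("Setup.exe", "rb").read()` to `inspect_pe`.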

Friday, November 3, 2017

Thunderbird cannot connect to gmail after changing password [FIXED]

0) ALLOW LESS SECURE APPS: Log in to Gmail using your browser, switch to your Google account (top-right round button), go to Sign-in & Security>Connected apps & sites, scroll down until you reach Allow less secure apps:OFF and turn it ON (if it's already on, leave it as it is);

1) DELETE OLD GMAIL PASSWORD: Launch Thunderbird, select Preferences>Security>Passwords>Saved Passwords, select the Gmail account from the list and click Remove;

2) CHANGE GMAIL ACCOUNT SETTINGS: Launch Thunderbird, go to Tools>Account Settings>Server Settings of the Gmail account you need to bring back to work, switch Authentication Method from Oauth2 to Normal Password and click OK (when requested by Thunderbird, type the new Gmail password);

3) Scroll down to the end of your account list on the left side of the window until you reach Outgoing Server (SMTP) and select it;

4) Select your Gmail address from the list, click Edit, switch the Authentication Method to Normal Password as well and click OK.

How to fix invalid Google Drive quota!

I recently saw that 25% of my GDrive quota was occupied by something. But my GDrive has only 0.7GB in it. So, who gets the rest of the space?
It turns out that there are files in my Google Drive that are not assigned to a folder. Therefore they are "hidden" from view.

To see these files just click this link:
https://drive.google.com/drive/search?q=is:unorganized%20owner:me
Review what you want to keep/delete (probably you will delete them all) and get rid of them. Don't forget to empty your trash also.

Now my quota shows only 6% occupied.

Friday, September 1, 2017

Yet another EurekaLog bug. How many until now?

Last week I stepped into a multiple-bug situation with EurekaLog for Delphi. I again wasted MORE than a day with this buggy "exception tracer tool".

My DPR file is like this:

PROGRAM MyProgram;
uses
  {$ifdef win32}fastmm4,{$endif}
  EurekaLog_units_come_here

This worked fine until I compiled the program to 64 bits.
On 64 bit, EurekaLog refused to work. After lots of emails exchanged with their (slow) customer support I got NOTHING.
In the end I found the problem: a bug (oh yes, another one) in EurekaLog. Eureka v7.4 could not properly parse the DPR file when it contains conditional directives like {$ifdef}.
So EurekaLog parsed my DPR file as if it were like this:

 
PROGRAM MyProgram;
uses
  {$ifdef win32}fastmm4,
  EurekaLog_units_come_here
  {$endif}

Solution? None. The support guy from EurekaLog (Alex) invited me to pay for a new license in order to get a small update (same version, so update, not upgrade) to v7.5 which allegedly works. I won't do that. I should receive the UPDATE to the non-bugged version for free AT LEAST for the reason that I have invested time to help them locate the bug.

________________

Maybe they should write a bug tracker tool for their own bug tracker tool :)

Monday, August 14, 2017

Delphi programs have too many false positive detections

Most of my Delphi programs are flagged as a virus by some antivirus programs. Some of these antivirus programs are really cheap/under-the-table products (such as Baidu and Comodo), others are big (TOP) names like Kaspersky.

In theory you should report a false positive to the antivirus producers so they can fix their bug, but if the list is too long and you are lazy, here is what you can do to decrease the number of false positive reports:
  • Don't turn on "compiler optimizations" when you release your app. It seems that more false alarms are triggered when this is turned on in the project.
  • If you MUST turn on the "compiler optimizations" you can pack your exe with UPX. This should shut up most antiviruses as they don't know how to look inside the UPX.
  • If you use WinRar, downgrade to v3.11 as this version does not give false positives (only one out of 64).

Tuesday, March 21, 2017

How to configure EurekaLog to send bugs via email

Email sender settings in EurekaLog v7

                                              SMTP Server [1]  SMTP client [3]  Simple MAPI  MAPI      Shell (MailTo)
Can attach the ELP file                       Yes              Yes              Yes [2]      Yes [2]   No
See sender's email                            No [4]           No               Yes          Yes       Yes
Email client software*                        Not required     Not required     Required     Required  Required
Can tell if the email was successfully sent?  Yes?             Yes              Yes?         Yes       No

Chance of success:
  This has the highest chances among all e-mail based methods
  Has HIGH chance to succeed IF user has email client installed WinMail and Outlook only


1 - Many antivirus products will flag your EXE as a virus

2 - If "Append bug report text in the message text" is UNCHECKED

3 - Typically, you should use either SMTP server or SMTP client, but not both methods simultaneously.
    Bugged in EurekaLog v7.4.8.0 RC 1 - Error code = -2146885613 - The revocation function was unable to check revocation because the revocation server was offline. Maybe because: “Currently EurekaLog supports AUTH LOGIN and AUTH PLAIN authentication methods”?

4 - Could be enabled via the SetUserEMail function

* If required: Email client must be installed and properly reconfigured. User must click on "Send" in their e-mail client. Automatic send without user actions is not possible.

_____________ 

Please note that EurekaLog v7 is also plagued with several serious bugs! I contacted the producer but he didn't bother to reply until now.
 

Wednesday, March 15, 2017

Another bug in EurekaLog 7

I wanted to send an email ("Send via SMTP client") from EurekaLog v7.4.8.0 RC 1 but I was getting this error:

FAILED: Error code = -2146885613
The revocation function was unable to check revocation because the revocation server was offline
 
EurekaLog 7.4.8.0 RC 1
Testing send with TELMailSMTPClientSender
Options:
_BugAppVersion="21.0.17707.5020"
_BugID="73D40000"
_BugIDSource="bds.exe


 
My email is hosted by BlueHost but knowing how buggy EurekaLog is and considering the fact that all my accounts work flawlessly in Thunderbird I think the bug is not related to the BlueHost server.

I had to give up using "SMTP client" and use "SMTP server" instead.



 

Tuesday, January 3, 2017

Total Commander - the ultimate file manager for Windows (and recently for Android too)

Total Commander (aka Windows Commander) is the ultimate file manager for Windows (and recently for Android too).

Who can use it?
The regular Windows user who has used Windows Explorer all his life will find the Total Commander interface AT LEAST awkward. The interface concept and user experience are totally different in Total Commander. This doesn’t mean that Total Commander is bad or poorly designed or difficult to learn. It is just different from Windows Explorer.
The regular user will require a day or two to get used to the concept (experienced users will have no problem grasping the new concept) but the efficiency improvement is totally worth it. I have been a Total Commander user since 1998 and I never ever (literally) used Windows Explorer again.

The concept
Total Commander solves an old design flaw of Windows Explorer. So old that regular computer users won’t even notice it anymore.
Many operations that you perform on files involve copying or moving files from one place (folder) to another. This is where Windows Explorer design fails: you work on two folders, the folder from where you copy the file (source) and the folder where you copy the file (destination), but Windows Explorer has one single panel. The Microsoft solution is to browse and open both folders and carefully drag and drop the files from source to destination. I say carefully because it is easy to ‘un-carefully’ drop the files in the wrong folder. Obviously there are also other methods but they are even more time consuming than this one. And when you close the Explorer all that work invested into locating your folders is gone. You have to start all over.
For a person that performs 1-2 file operations per day it is not a big deal, but for an intermediate user or a POWER user this is time consuming and error prone.
And here is the time and place where you install Total Commander. Total Commander brings the concept of two parallel panels: it always shows on screen the source folder AND the destination folder. Now all you have to do is to drag and drop the files from one pane to the other (advanced users can use F5 and F6 keys for copy/paste).
Total Commander will remember the last used folders and ALSO the recent folders you navigated through. So, if you worked on a folder a few hours ago and you want to return to that folder, you don’t have to browse the entire folder structure to locate it again. Using the History (Alt+DownArrow) you are back there with just one click.

The magic never stops
Total Commander has literally hundreds of features that are not present in Windows Explorer: FTP, compression support, fully customizable toolbar (that totally replaces the Start menu), CRC control, Mime encoding, advanced multi rename tool, advanced search tool, support for plugins (there are also thousands of plugins for Total Commander), thumbnail view, quick view, color coded file types, etc, etc, etc.
One of the useful functions we will investigate now is the File Queue. With this function you can Queue a long list of file operations for later execution and….


Disclaimer: I have no affiliation with Total Commander, except my affection for it :)