I'm new to the NZBD world, so need a bit of hand holding!
Some files I've downloaded have odd file extensions eg Xvid-aWR and won't play with VLC. The file directory also has a a sub-directory 'Codec' which contains a MS executable 'Setup.exe', which I'm deeply suspicious of (and wouldn't be of use to a Linux machine anyway). The Setup.exe file passes clamav, though.
What's all this about, please?
Jim
'Funny' XviD file extensions?
Forum rules
Help us help you:
Help us help you:
- Are you using the latest stable version of SABnzbd? Downloads page.
- Tell us what system you run SABnzbd on.
- Adhere to the forum rules.
- Do you experience problems during downloading?
Check your connection in Status and Interface settings window.
Use Test Server in Config > Servers.
We will probably ask you to do a test using only basic settings. - Do you experience problems during repair or unpacking?
Enable +Debug logging in the Status and Interface settings window and share the relevant parts of the log here using [ code ] sections.
Re: 'Funny' XviD file extensions?
That's a virus.
Easy check: go to https://www.virustotal.com/ and upload that setup.exe file ... see the results ...
In my experience clamav is useless as it does not detect viruses when other virus scanners do.
Regarding newsgroup posts like this:
1) I've written a post-processing script to check such downloads against virustotal (so no need to have a virusscanner on your Linux). Only if you know how to use post-processing script, you could consider to use it. See http://forums.sabnzbd.org/viewtopic.php ... 043#p93043
2) I'm writing a SABnzbd modification to pause/abort the download of a post which has an .exe in it. Probably too early for you to use that right now. You could have a sneak previes at http://forums.sabnzbd.org/viewtopic.php ... 37&p=93525
Easy check: go to https://www.virustotal.com/ and upload that setup.exe file ... see the results ...
In my experience clamav is useless as it does not detect viruses when other virus scanners do.
Regarding newsgroup posts like this:
1) I've written a post-processing script to check such downloads against virustotal (so no need to have a virusscanner on your Linux). Only if you know how to use post-processing script, you could consider to use it. See http://forums.sabnzbd.org/viewtopic.php ... 043#p93043
2) I'm writing a SABnzbd modification to pause/abort the download of a post which has an .exe in it. Probably too early for you to use that right now. You could have a sneak previes at http://forums.sabnzbd.org/viewtopic.php ... 37&p=93525
Re: 'Funny' XviD file extensions?
Thanks 'sander' for the quick and informative reply.
So, do the 'funny' additions to the Xvid extensions have any significance eg Xvid-aWR?
Jim
So, do the 'funny' additions to the Xvid extensions have any significance eg Xvid-aWR?
Jim
Re: 'Funny' XviD file extensions?
First of all: can you confirm virustotal said the setup.exe was a virus?
Now your question:
I searched binsearch for xvid-awr, and I got a 2014 movie with an old-testament sailor name (which I don't mention here as we don't talk about content here). Is that the same post as yours?
If so: I only find "Xvid-aWR" in a directory name, not in a file name.
There is a file with plain extension .avi in it, and/but the 'avi' is pure fake.
Anyway: it doesn't matter. If there is codec/setup.exe (or any exe), skip it. Or use my virustotal post-processing script to do the checking automatically.
Now your question:
I searched binsearch for xvid-awr, and I got a 2014 movie with an old-testament sailor name (which I don't mention here as we don't talk about content here). Is that the same post as yours?
If so: I only find "Xvid-aWR" in a directory name, not in a file name.
There is a file with plain extension .avi in it, and/but the 'avi' is pure fake.
Anyway: it doesn't matter. If there is codec/setup.exe (or any exe), skip it. Or use my virustotal post-processing script to do the checking automatically.
Re: 'Funny' XviD file extensions?
These jobs are almost certainly intentionally b0rked by the uploader, in an attempt to encourage dumb enough windoze users to run the included exe.
Re: 'Funny' XviD file extensions?
Correct. And these posts are flooding the newsgroups at the moment. The newsgroup world is becoming a torrent worldjcfp wrote:These jobs are almost certainly intentionally b0rked by the uploader, in an attempt to encourage dumb enough windoze users to run the included exe.
Re: 'Funny' XviD file extensions?
Looks like I might have come a bit too late to the party!sander wrote:Correct. And these posts are flooding the newsgroups at the moment. The newsgroup world is becoming a torrent worldjcfp wrote:These jobs are almost certainly intentionally b0rked by the uploader, in an attempt to encourage dumb enough windoze users to run the included exe.
Thanks again for the replies.
Jim