Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this wise?


  • Please log in to reply
7 replies to this topic

#1 michael-m

michael-m

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 06 September 2012 - 03:24 PM

Is it wise to turn off my AV and Firewall to enable a purchased file to download?

I've bought a download that won't run smoothly. Tech support suggest the file is being interrupted and I should turn off AV and Firewall and re-download.

Dodgy practice? I'm rather reluctant to follow their suggestion.

Michael

BC AdBot (Login to Remove)

 


#2 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:11:12 PM

Posted 06 September 2012 - 03:39 PM

I create a specific folder for downloads only. I have nothing else open when downloading. If this is a trustworthy site you can turn off your AV and other preventative measures then download the application. As soon as it finishes downloading, immediately re-enable all your protection. Then scan the heck out of it.

If you have an inkling of doubt about the site and or their product. Get a refund. And forget about it.

I do NOT recommend the above practice for anything free or in the least bit suspicious. Depending on the cost of the transaction weigh the benefits. Only you can make that decision.

EDIT:
Others may disagree with me and thats fine. When it comes to a purchase I can't make that call for somebody else's money. Only you can decide what a transaction is worth. This is not a practice to take lightly.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#3 michael-m

michael-m
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 06 September 2012 - 03:42 PM

That makes sense, thanks.

#4 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:11:12 PM

Posted 06 September 2012 - 04:00 PM

You're quite welcome.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:12 AM

Posted 06 September 2012 - 04:04 PM

You could boot from a Linux Live CD and use that to download said file.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:12 AM

Posted 06 September 2012 - 04:07 PM

Then scan the heck out of it.


Since it's commercial software, there's a significant probability it's digitally signed. If it is, check the signature, then you know at least that it has not been tampered with.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Romeo29

Romeo29

    Learning To Bleep


  • BC Advisor
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:01:12 AM

Posted 09 September 2012 - 11:46 AM

Also calculate the SHA1 hash of the downloaded file using something like http://code.kliu.org/hashcheck/

Then search that hash on sites like http://www.virustotal.com

This way you would get an idea about how other antivirus products detect that file.

Edited by Romeo29, 09 September 2012 - 11:48 AM.


#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:12 PM

Posted 10 September 2012 - 02:11 AM

Tech support suggest the file is being interrupted and I should turn off AV and Firewall and re-download.

If you will leave a link, the download / program (or whatever it is) can be checked / verified for you
If it is more personal, please ignore my request -

Thank You -




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users