My Kaspersky IS 2010 is saying my AACENTER.EXE has a high danger rating, since it does not have a digital signature. My options are to, "Allow program execution," "allow execution, but block dangerous operations," or "block application execution" altogether. I check the source, it is in the ASUS program. Because of the inherent danger, I am unsure whether to allow execution, though I think I should be safe, since I have an ASUS M3N78 PRO motherboard. (1) How am I supposed to know and/or respond to this stuff? (2) Is there a best practice to determining how to respond to threats like this that I don't understand to begin with?
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Thanks, jakopriit. Comparing my binaries to a fresh install sounds like a programmer's domain, and I'm nowhere close to that, LOL!!
If I require training, would I be able to break that down and request the answers here, on Experts Exchange? Should I perhaps do that for each questionable popup from KIS, jakopriit, and just take it from there?
no, comparing binaries has nothing to do with programming. you only verify that it hasn't changed since you first installed it. one can do it with near 100% confidence comparing just hashes (http://en.wikipedia.org/w
no need to be sarcastic. there's training and there's training on elementary level that gives the ability to break a problem down and request answers. You could do that for each questionable popup but
if you were trained and able to match the AACENTER to its original source on from the Asus download site and confirm that it hasn't changed (ie not contaminated) since and hence relatively safe to run
you wouldn't need to come to experts-exchange to spray bile on modest and respectful answers.
I'm not sure where you interepreted that I was being sarcastic, because I wasn't, not in the least! My response was 100% sincere. Like your modest and respectful answers, my questions were also modest, and respectful, I felt. Did you interpret sarcasm from the bold I used to highlight the keywords, or the way I phrased my question?
I will say that a lot of what you're telling me is, well, like Greek to me. I'm not good at tech-speak, though I have a little bit of a grasp on some of the terms. So, training on an elementary level, that give the ability to break a problem down and request answers, you suggest I get that from where, jakopriit? Just thinking out loud, but you mean sources like Wikipedia, or human sources like yourself?
Again, I reitterate that my responses are in no way intended to be sarcastic, and it's unfortunate that you would interpret them that way. I am certainly capable of sarcasm, so perhaps it's some energy you picked up on, but maybe you should turn down your sensitivity meter as well, jakopriit. (Okay, so that could be considered to contain a little sarcasm, but with no intent beyond merely poking a little good-natured fun on a situation that has become more tense than it should be. Are we on the same level here, now?)
Respectfully yours, CanadianJeff... (okay, so that is also meant to be a little sarcastic, but only a little, and again on an enjoyable level where we can hopefully both share a laugh!!)
please, sir. do not bs me for I am the grandmaster at sarcasm ;)
"if <emphasis>, would <something that happened>?" is definitely a sarcastic question. if you wish, we can put up a public poll to grade the sarcasm in it :P
however. since you assure that it was not your intent and you accidentally happened to convey sarcasm, I am willing to let it go.
now onto the business at hand. as I told:
Noone can never be 100% sure of the intended outcome of a program that is about to run if one himself were not solely responsible for it and the whole environment it runs upon. so, your only options are to take a few educated (hence the training/experience need) guesses.
on the specific case of the AACENTER you could look at the path the program is run from and deducting that it is a part of the Asus software package adding the fact that you have an Asus motherboard you could say right then and there with fair confidence that "Allow program execution" would be ok.
if the suspicion stays you could muster the CD you installed the Asus software from and unpack the AACENTER program binaries from the install image (usually an .MSI). you could then hash the newly unpacked program and hash the program you had suspicions on, compare those hashes and in case of a hash match assume that Asus does not distribute malware and decide that "Allow program execution" is the way to go.
if the suspicion does not subside you could then muster an unregistered handgun and hold the testicles of an Asus engineer at gunpoint while you answer "Allow program execution" having previously explained that if the program does not what it should your trigger finger will have an involuntary twitch.
If the suspicion still stays, I'd recommend a mental institution with a "no laptops" policy :D
now that should have evoked at least a smile! I know I smirked.
just a hint: now, the proper way to respond to this would be with the O RLY owl (http://www.youtube.com/wa
btw: a popular winduhs md5 hasher can be downloaded from: http://www.elgorithms.com/
Gee, thanks for your forgiveness jakopriit. My life is complete now. Ahahahaha. Nope, not the O RLY owl, eh? (as my Canadian friends would say.) But, since you are the "grandmaster," I know you will appreciate that. That it was my intention, and my thought that went into the original statement; I never had any doubt about it, frankly, whether it conveyed sarcasm or not, so I really didn't require the grammatical lesson, because I know that not only is "not everything as it seems," but in fact it seldom is! My point being that despite whether I misrepresented what I was trying to say or whether you misinterpreted what I was trying to say, what I meant to say is what I meant to say, and once we both understood what I meant to say, not a lot else needs to be said about it except to move on and deal with what I was really trying to say! (Whoa. I think that may have even made sense, LOL!!)
Moving "onto the business at hand," as you so aptly put it, your answer was perfect, and helpful, and reassuring, and for sure thanks for the laugh, your scheme definitely brought a smile to my face. Better yet, you've given me some comfort in knowing that I can allow programs from entitites like ASUS, or Microsoft, or AMD, for 3 examples, have their run of my computer (by sourcing the program if necessary), without fearing that I am somehow being compromised. I'm not sure if I'll go to the extent of using the hasher or not (no offense intended), as I'm just not that into spending the kind of time learning the inner workings of the computer... I'd rather use the outer workings and tools of the machine, and I'd rather ask really smart people like yourself! I mean that sincerely, and you can rest assured that I also mean it when I say "Thanks, buddy, I do appreciate it."
Business Accounts
Answer for Membership
by: jakopriitPosted on 2009-09-09 at 08:43:51ID: 25292464
Jeff,
1) Unless you can do the source code review, there is no way to be sure whether you should allow something to be run. And code review privileges are reserved for users of open source software, in case of Microsoft to some government institutions and in case of tailor made software to users who remembered it to specify that in contracts.
in case of other software, you can compare your binaries to a fresh install and hope that it in itself doesn't contain some sort of a time bomb.
2) Best practice is very dependent on your domain and a security class you deal with (and I'm not talking about M$ domains) but the advice I can give out here at this point is to get help - ask someone more knowledgeable to train you if you can't afford to hire this person.