CUSA Posted July 13, 2006 Share Posted July 13, 2006 We are testing various editions of Paint.NET on the Microsoft Windows XP SP2 with all of the updates and .NET packages pre-installed. We first downloaded the Paint.NET 2.63 with .NET 2.0 from the Fileforum site and loaded it with Custom - No Automatic updates. The program wouldn't install without calling the crl.usertrust.com. We packet logged the installation and completely blocked the Internet. Eventually it appeared to install. When I attempted to open a tif file for editing the firewall alarmed with a Paint.NET is trying to reach ftp.eunet.bg (193.68.3.247) Bulgaria--access was denied. Then Paint.NET tried to call the.earth.li and then ftp.chiark.greenend.org.uk and began an internal denial of service attack. The version of XP Pro SP2 is OEM, (completely new install) with Genuine Advantage. We downloaded the 2.64 without the .NET packages and installed it after removing the other version and deleting the installation directory and it is working perfectly without a glitch or single firewall alarm and it doesn't appear to call the Internet when opening and closing a file or when uninstalling. We installed it without the automatic updates. Any thoughts or similar experiences? Is there a way to verify download integrity by including an MD5 Sum or CRC checksum on the download page? Quote Link to comment Share on other sites More sharing options...
Born2killx Posted July 13, 2006 Share Posted July 13, 2006 well crl.usertrust.com seems to have security certificates. ftp.eunet.bg doesn't seem to be an active site. the.earth.li hasd very little things. ftp.chiark.greenend.org.uk has very little things. you must have downloaded a glitchy version. Quote I built my first computer at age 11! Link to comment Share on other sites More sharing options...
Bob Posted July 13, 2006 Share Posted July 13, 2006 * Fixed a startup performance problem on some systems that was an artifact of the way the .NET Framework was verifying Authenticode signatures as part of its assembly loading process Quote No. Way. I've just seen Bob. And... *poof!*—just like that—he disappears into the mist again. ~Helio Link to comment Share on other sites More sharing options...
Rick Brewster Posted July 13, 2006 Share Posted July 13, 2006 If you're worried about the download integrity just verify the digital signature on the package. See the end of this thread for an explanation as to what is going on with respect to the crl.usertrust.com connection, it's completely harmless but fixed in 2.64: http://paintdotnet.12.forumer.com/viewt ... ow+startup . Paint.NET does not "call Bulgaria" or those FTP sites. If you are seeing connections like that then you have something else on your system that is probably hijacking the PaintDotNet.exe process and injecting a thread or threads to do various things. Please run a full virus and antispyware scan. Quote The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.