A fair amount of work (Rufus T. Firefly comes to mind) is locked up in .ace files - & I can't even get WinRAR et. al. to even recognize them as compressed files ...
-
z
-
z
How Can I Decompress .ace Files In The 21st Century?
- Thread starter Ozymandias
- Start date
Ozy... this might help shed some light on the subject:
https://file.org/extension/ace
https://file.org/extension/ace
Huh! WinRAR specifically did not work, nor 7Zip. TY!- I'll give the others a go.
WildWeazel
Carthago Creanda Est
Some wiki-ing suggests it might be a newer file version than WinRAR can handle. If nothing else works there's a Linux utility for extracting them, so I can convert and re-upload specific files if you point them out.
WildWeazel
Carthago Creanda Est
Well, don't thank me yet. I've tried 3 just to check and they've all failed:
Code:
File compressed with unknown method. Decompression not possible.
Node60
Prince
Try WinAce. The official website, as I understand it, is dead.
https://www.softportal.com/getsoft-454-winace-1.html
https://www.softportal.com/getsoft-454-winace-1.html
It's a Russian site - which, until recently, I'd have had no problems with (indeed, I recently posted a link to one Russian mod archival site.) I'm already torn between having used, and liked, Kaspersky for years - and now the US Gov has declared it a national security risk
Jorsalfare
Prince
Once upon the Time I unpacked Rufus' .ace files, but that is several computers (and Windows versions) since. I cannot any longer remember which program I used back then.
[EDIT:] - Come to think of it - it might have been ZipGenius...
However: My current unzip-utility is PeaZip, but support for .ace files is not built-in by default. You would need a plug-in for that. While the plug-in is available, the use of this it is not recommended, since it hasn't been maintained since 2006, and it is known to be "suffering critical security issues". A solution could of course be to download the plug-in, disconnect the computer from internet, install the plug-in, unpack the files and then delete the .dll belonging to the plug-in before reconnecting to the internet. This would at least reduce the risk (I think).
In case You haven't already found it: the Wikipedia article "Comparison of file archivers" has a table of compression formats and which programs that can handle them (including .ace format).
Hope this was kind of useful.
Regards, Sigurd.
[EDIT:] - Come to think of it - it might have been ZipGenius...
However: My current unzip-utility is PeaZip, but support for .ace files is not built-in by default. You would need a plug-in for that. While the plug-in is available, the use of this it is not recommended, since it hasn't been maintained since 2006, and it is known to be "suffering critical security issues". A solution could of course be to download the plug-in, disconnect the computer from internet, install the plug-in, unpack the files and then delete the .dll belonging to the plug-in before reconnecting to the internet. This would at least reduce the risk (I think).
In case You haven't already found it: the Wikipedia article "Comparison of file archivers" has a table of compression formats and which programs that can handle them (including .ace format).
Hope this was kind of useful.
Regards, Sigurd.
Last edited:
TY! I just d/l-ed PeaZip; I have an old laptop which I use for "unpacking" potential malware. I, as a matter of course, have 3 layers of security in place - and then I also use CCleaner for removing trackers, etc. Still: “Just because you’re paranoid doesn’t mean they’re not after you.” (Joseph Heller, Catch-22) 
Node60
Prince
TY! I just d/l-ed PeaZip; I have an old laptop which I use for "unpacking" potential malware. I, as a matter of course, have 3 layers of security in place - and then I also use CCleaner for removing trackers, etc. Still: “Just because you’re paranoid doesn’t mean they’re not after you.” (Joseph Heller, Catch-22)
Real, proper paranoids use a virtual machine. It can be destroyed after a potentially dangerous operation
Jorsalfare
Prince
...Still: “Just because you’re paranoid doesn’t mean they’re not after you.” (Joseph Heller, Catch-22)
Amen to that!
WildWeazel
Carthago Creanda Est
Offline virtual machine. Anything on your local network can still be a threat.Real, proper paranoids use a virtual machine. It can be destroyed after a potentially dangerous operation
Node60
Prince
Offline virtual machine. Anything on your local network can still be a threat.
Virtual machines can be created in the cloud (for example, in AWS).
Last edited:
- Joined
- Mar 17, 2007
- Messages
- 9,280
Spoiler softwareportal.com findings :
What I did find that worked on this test unit is this Python library, which I was able to decompress with this command:
Code:
python.exe C:\Development\Python\acefile\acefile.py correcthawking.aceThis was after downloading the code for the library to C:\Development\Python\acefile . I also happened to already have Python 3.10 installed, although I am not a Python developer.
So the bad news is we haven't found a great user-friendly way to do it yet. The good news is we now have a way to do it.
Node60
Prince
Quintillus, I downloaded the latest version of Winace from the web archive (the link was found on wikipedia).
https://web.archive.org/web/20110121225116/http://www.winace.net/files/wace269i.exe
Virustotal.com almost does not swear at her (1/69). Of course, when using it, it is better to take some precautions (VM with network disconnection, etc.)
Have you tried to unpack ace with the "unace-nonfree" program for linux?
https://web.archive.org/web/20110121225116/http://www.winace.net/files/wace269i.exe
Virustotal.com almost does not swear at her (1/69). Of course, when using it, it is better to take some precautions (VM with network disconnection, etc.)
Have you tried to unpack ace with the "unace-nonfree" program for linux?
Atop the 4 layers of security I always run, I'll sometimes "quintuple check" with the online "VIRUSTOTAL." It came back with:
"Zoner - Probably Heur.ExeHeaderP" - But "Zoner" was the only catch, among the 80 or so other sources utilized.
EDIT: Woops! - Same source, different results ... ?
"Zoner - Probably Heur.ExeHeaderP" - But "Zoner" was the only catch, among the 80 or so other sources utilized.
EDIT: Woops! - Same source, different results ... ?
Node60
Prince
https://www.virustotal.com/gui/file/426b19f26c03dfc5db649f980b77dfbdb0aed7623dd0451418cdcc6c535eb696
Another option. I have found online ace converters to other formats (e.g. zip). I haven't checked how they work or if they work at all.
About the essence of vulnerability:
https://research.checkpoint.com/2019/extracting-code-execution-from-winrar/
When using older versions of Winrar (in the case of other archivers, there is also probably a vulnerability, since its cause is an external dll used for decompression), when unpacking a specially prepared archive, the malware in it can be unpacked into the startup folder, and (if addressing is guessed and permissions are available) over the network. At the time of unpacking, the malware does not receive control and is activated only after a reboot or re-login. During this time, you can view the contents of the startup folder or perform an antivirus scan of the system. And it is better to take the unpacked files and delete the virtual machine in which this operation took place. Another conclusion is that archives guaranteed to be created before February 20, 2019 (publication of the vulnerability) can be considered conditionally secure.
At least that's how I understood it.
Last edited:
Similar threads
