Second opinion requested! Does anyone else get a warning? (was -

On Thu, 11 Jun 2020 13:38:40 -0700, Mike Easter
wrote:

David_B wrote:
I'm simply trying my best to expose any bad actors I might find online.

That isn't actually what is going on w/ you.

You already know that others who are more skilled than you do not share
your concerns about this clamxav issue.

In fact, once upon a time you were confused about your observations
while messing w/ clamxav. Then, next you became 'miffed'/
inappropriately 'offended'/ because clamxav dev wouldn't 'dance' w/ you.
Then next you look everywhere you can to attempt to besmirch clamxav
such as wailing because they don't choose to do their support in FB and
instead to provide their support in their own way. You try to make a
'big deal' out of the fact that in terms of 'commercial presence'
clamxav isn't a 'big deal' because -1- Mac AV isn't really a very
important sphere -2- clamxav's popularity waned when they stopped giving
it away -3- the engine clamav and its db isn't a very important engine/db.

And, you like to make noise about it to stir up activity, which is
'trollish'.

And you like to pretend to be an 'investigator'. which 'job' you once
agreed that you would or should cease because you weren't an expert, but
you didn't/haven't.

At least he RE-discovered what a .KO file is. Forgetting must
have been VERY difficult, what with his claim he's been
"investigating" Apple malware for years.
Or maybe not so difficult. BD suffers from self-inflicted
chemically induced brain damage.
Group where main discussion occurred reinstated, even though
it was OT.
[]'s

--
Don't be evil - Google 2004
We have a new policy - Google 2012

"David_B" wrote:
On 11/06/2020 11:16, Eric Stevens wrote:
On Thu, 11 Jun 2020 08:55:44 +0100, "Apd" wrote:
It was alerting on a script from cdn.siteswithcontent.com. That domain
has apparently been associated with adware. The script is OK so it's a
false positive.

Even so, I don't expect that David either knew or intended that it be
there.

Thanks, Eric. :-)

I had absolutely no idea it was there. :-(

No reason why you would.

I wonder if Apd knows from whence the script originated.

From where I said, cdn.siteswithcontent.com. CDN = content
distribution network. It supplies part of the web page content, i.e.
javascript for notifications, as I said elsewhere. It's common for
sites to pull their scripts from such places.

In article , Apd
wrote:

It was alerting on a script from cdn.siteswithcontent.com. That domain
has apparently been associated with adware. The script is OK so it's a
false positive.

Even so, I don't expect that David either knew or intended that it be
there.

Thanks, Eric. :-)

I had absolutely no idea it was there. :-(

No reason why you would.

he claims to be an investigator hunting down the bad guys.

such a person *would* know it was there.

On 11/06/2020 22:07, nospam wrote:
In article , David_B
wrote:

Some folk (Shadow for one) seem to be going out of their way to stop me
from trying to verify that ClamXav is a bona fide software programme.

more of your lies.

what you're actually doing is going out of your way to single out and
attack everything about clamxav, going so far to even dox the
developer.

Whatever are you talking about?

There's no hiding bona fide companies in the UK. Information is plain to
see for anyone who cares to look! https://ibb.co/dQwpBvD

which you of course did, along with doing quite a bit more, including
digging up his family and financial information, which you then posted
to usenet and no doubt to many other places.

I have posted NOTHING which is not in the public domain.

You, on the other hand, make a claim but provide no supporting evidence.

Interesting to note that Mr Allan was *born* exactly three years before
I retired from the Royal Navy!

no, that's not interesting at all.

On 11/06/2020 23:25, nospam wrote:
In article , Apd
wrote:

It was alerting on a script from cdn.siteswithcontent.com. That domain
has apparently been associated with adware. The script is OK so it's a
false positive.

Even so, I don't expect that David either knew or intended that it be
there.

Thanks, Eric. :-)

I had absolutely no idea it was there. :-(

No reason why you would.

he claims to be an investigator hunting down the bad guys.

I am.

such a person *would* know it was there.

I'm still learning! *HOW* would I know there was a script involved?

On Fri, 12 Jun 2020 20:59:40 +0100, David_B
wrote:

which you of course did, along with doing quite a bit more, including
digging up his family and financial information, which you then posted
to usenet and no doubt to many other places.

I have posted NOTHING which is not in the public domain.

Were the PRIVATE emails between you and your STALKING_TARGET
in the "public domain" before you posted them all over the place?
Did you get his permission to publish them?
Please don't call me a *LIAR* again or I'll have to post the
MSG_IDs proving where and when you posted them.
TIA

OT up again. BD has trouble understanding that Apple software
is OT in Win 10 groups.
This thread NEVER WAS about Win 10.

-------------------------------------
BD: I want people to "get to know me better. I have nothing to
hide".
I'm always here to help, this page was put up at BD's request,
rather, he said "Do it *NOW*!":

https://tekrider.net/pages/david-brooks-stalker.php

66 confirmed #FAKE_NYMS, most used in cybercrimes!
Google "David Brooks Devon"
[]'s

--
Don't be evil - Google 2004
We have a new policy - Google 2012

On 11/06/2020 22:01, Apd wrote:
"David_B" wrote:
On 11/06/2020 13:07, Apd wrote:
"Anonymous" (one-in-the-eye-for-dustin) wrote:
On 11/06/2020 08:57, Apd wrote:
"David_B" wrote:
On 10/06/2020 20:35, Paul wrote:
It is common industry practice ("code of the hills") to not
discuss the details of AV implementations. You could, for example,
be a Black Hat who is looking for a MacOSX vulnerability idea, and
whatever the developer had jammed into the OS, might be suggestive
of an API a Black Hat could attack.

Ah! Thank you, Paul. :-) That's not something I have ever considered,
nor has anyone else ever mentioned such a thing!

Because I don't think it applies in this situation. The software was
supposed to be uninstalled. The leftovers you had were a marker (so it
would know about a reinstall) and possibly log files and other
ephemeral stuff.

Did you carry out exactly the same procedure?

It would be interesting to review the "marker" and "ephemeral stuff".

Or are you simply guessing?

I'd appreciate you not use socks with me, BD.

Oops! Sorry about that. :-( I posted from my laptop, which I've been
updating to the most recent version of Windows - 2004.

Perhaps you'd like to explain why an AV program would leave behind
files to do with it's implementation after an uninstall, by which I
mean those containing the mechanism whereby it detects threats. That
would be part of the program code. Ok, a signature database might be
left behind as it could be a separate install but that's no big deal.

I'm not talking about *ANY* AV software - I'm referring to ClamXav.

I know. I was responding to why Paul's reason, about not discussing
details of implementation, was never mentioned as should be clear from
the quoted context.

I understand. Thank you.

The marker was noted by Snit, I believe. If you make a list of those
files and show me the content I'll endeavour to explain their purpose.

You have a Mac. Why can't you test for yourself? Then there could be no
doubt of the result. The 'Trial' is free - all it will cost is a little
bit of your time.

I can't run the current version - my system is too old. Anyway, the
onus is on you to do the legwork.

If you had modern equipment, would you install ClamXav?

You are an experienced Internet user. Please explain why you think the
current opening Website page starts out talking about an old version of
ClamXav http://www.markallan.co.uk/

I don't see that. There's a link to clamxav.com.

This web page demonstrates that the business is not keeping its online
material up-to-date.

https://www.clamxav.com/clamxav-3-is-here/

aside

I've installed AVG on my iMac and run a scan. About 15 items have been
removed into Quarantine. Would you have the time and inclination to
examine them? If so, I may need some help to extract them from
quarantine and place them into your hands.

--
David

David_B wrote:
I've installed AVG on my iMac and run a scan. About 15 items have been
removed into Quarantine.

What do you know about PUPs?

https://www.howtogeek.com/232791/pup...anted-program/
PUPs Explained: What is a “Potentially Unwanted Program�? -- Why
They’re Called PUPs and Not Malware

AVs /luv/ to find pups.

--
Mike Easter

On Fri, 12 Jun 2020 14:48:29 -0700, Mike Easter
wrote:

David_B wrote:
I've installed AVG on my iMac and run a scan. About 15 items have been
removed into Quarantine.

You stated you were running Sophos (or was it Trend? - I don't
keep dossiers). What happened to them?

What do you know about PUPs?

BD? A lot (unless he's forgotten). He manipulated a looooong
thread about "malware" on an AOL disk, which was either a PUP or a
false-positive. A software so old it had been removed from most
vendor's whitelists. The concept was explained to him in detail by
numerous posters.
He knows all about uploading them to scanner sites for a
second opinion.
Lets not start over.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

In article , David_B
wrote:

Some folk (Shadow for one) seem to be going out of their way to stop me
from trying to verify that ClamXav is a bona fide software programme.

more of your lies.

what you're actually doing is going out of your way to single out and
attack everything about clamxav, going so far to even dox the
developer.

Whatever are you talking about?

There's no hiding bona fide companies in the UK. Information is plain to
see for anyone who cares to look! https://ibb.co/dQwpBvD

which you of course did, along with doing quite a bit more, including
digging up his family and financial information, which you then posted
to usenet and no doubt to many other places.

I have posted NOTHING which is not in the public domain.

thereby admitting you intentionally doxxed him as well as others.

In article , Mike Easter
wrote:


AVs /luv/ to find pups.

they do a lot of things just to scare people so that they buy their
products.

mac anti-malware apps report finding *windows* malware, which are
guaranteed to not do anything on mac os, but it makes the number of
items found bigger and impresses the stupid.

On 13/06/2020 02:15, nospam wrote:
In article , Mike Easter
wrote:


AVs /luv/ to find pups.

they do a lot of things just to scare people so that they buy their
products.

mac anti-malware apps report finding *windows* malware, which are
guaranteed to not do anything on mac os, but it makes the number of
items found bigger and impresses the stupid.

THIS thread explains that the malware I detected wasn't ORDINARY
malware, but an extra-special item.

https://answers.microsoft.com/en-us/...6-e565d2571849

Specific definition of same may be found he-

https://blog.malwarebytes.com/detections/virus-ramnit/

David_B wrote:
THIS thread explains that the malware I detected wasn't ORDINARY
malware, but an extra-special item.

Ramnit did NOT come on some ancient 2008 AOL disk you had.

It had not even been created at that time. Ramnit was born in 2011 and
peaked in about 2015. It wasn't distributed on any AOL disk which
preceded its existence by years and years.

You made some kind of mistake by mixing and matching things from
completely different 'generations' and inviting a false report.

--
Mike Easter

David_B wrote:


ramnit-trojan-on-imac-aol-disk-from-2008

Someone is shoving AOL CDs from 2008, into a computer ?

https://ei.marke****ch.com/Multimedi...8180147_ZG.jpg

Paul

In article , Mike Easter
wrote:

David_B wrote:
THIS thread explains that the malware I detected wasn't ORDINARY
malware, but an extra-special item.

Ramnit did NOT come on some ancient 2008 AOL disk you had.

of course not.

he's been told that many, many times before. he ignored it then and
will ignore it now.

It had not even been created at that time. Ramnit was born in 2011 and
peaked in about 2015. It wasn't distributed on any AOL disk which
preceded its existence by years and years.

You made some kind of mistake by mixing and matching things from
completely different 'generations' and inviting a false report.

he didn't make a mistake. his goal is to troll, not to find malware.
malware is just the bait to hook people.