A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Windows 10 » Windows 10 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Win10 boot problems swapping HDDs



 
 
Thread Tools Rate Thread Display Modes
  #31  
Old November 20th 19, 04:45 PM posted to alt.comp.os.windows-10,uk.comp.sys.mac,alt.computer.workshop
David
external usenet poster
 
Posts: 25
Default Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))

On 20/11/2019 13:30, G. B wrote:
On 20/11/2019 10:01, David wrote:


I'd been using a 'My Book' Studio Edition WD product to keep Time
Machine back-ups of my Apple iMacs for many years. It's one much like
this:-


Try this:

https://support.apple.com/kb/DL2011?viewlocale=en_US&locale=en_US

After this post all mac questions on Apple Mac Website.Â* You're wasting
your time here because Windows 10 is Microsoft Product while Apple Mac
is produced by Apple.


Thank you for trying to help. :-)
Ads
  #32  
Old November 20th 19, 04:49 PM posted to alt.comp.os.windows-10,uk.comp.sys.mac
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))

David wrote:


I used the Clamav facility within Knoppix on my laptop to scan my 'My
Book' - here's a photo I took nearing the end of the scan (it took many
hours!)
https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg


Sadly, I could find no easy way to 'copy' the results of that scan. :-(


You can use the command line. The stdout option sends output to
the screen, and the tee command keeps a copy in result.txt .
The detect-pua, I added that so you could reproduce your
table of detections (as they're likely pua and not virii).
PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

cd /media/somewhere
clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow.

And something like "sudo freshclam" will update the
database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

../eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program
in C for my own usage, and it "found a virus in it". Ha! I
didn't know I was talented enough for that. It slices, it
dices, and makes Julienne fries.

But, it's a hobby, right ?

In the Terminal, you can type

apropos clam

and some of the clam executables will be listed.

Paul
  #33  
Old November 20th 19, 05:42 PM posted to alt.comp.os.windows-10,uk.comp.sys.mac
David
external usenet poster
 
Posts: 25
Default Malware! (Was - Apple SuperDrive (Was - Win10 boot problemsswapping HDDs))

On 20/11/2019 15:49, Paul wrote:
David wrote:


I used the Clamav facility within Knoppix on my laptop to scan my 'My
Book' - here's a photo I took nearing the end of the scan (it took
many hours!)
https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg


Sadly, I could find no easy way to 'copy' the results of that scan. :-(


You can use the command line. The stdout option sends output to
the screen, and the tee command keeps a copy in result.txt .
The detect-pua, I added that so you could reproduce your
table of detections (as they're likely pua and not virii).
PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

Â*Â* cd /media/somewhere
Â*Â* clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow.

And something like "sudo freshclam" will update the
database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program
in C for my own usage, and it "found a virus in it". Ha! I
didn't know I was talented enough for that. It slices, it
dices, and makes Julienne fries.

But, it's a hobby, right ?

In the Terminal, you can type

Â*Â* apropos clam

and some of the clam executables will be listed.



Ah! Thank you for the explanation, Paul.

Would there be any benefit to others if I could show you more accurate
results of my scan? I suspect not, but I'll do it if it would assist in
any way. Please advise. TIA.

David
  #34  
Old November 20th 19, 06:43 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-19 19:29, David wrote:
On 19/11/2019 22:13, nospam wrote:
In article , David ! wrote:

Maybe there was a problem with my installation of Catalina. I'll
let you
know how things stand when my iMac is up-and-running again.

the problem was and always will be pebkac.

Maybe or maybe my iMac, or my router, had been 'got at'!


no maybe about it, and your router has nothing to do with dvd playback.


The router had EVERYTHING to do with obtaining the software from Apple!


How would anyone doing something to your router affect your downloading
software from Apple? Please be specific. Which malware are you
considering for responsibility? How did it get onto the router? Which
router do you have? How did the malware stop working the second time you
downloaded the software? Please be specific. Please also note that many
routers use Linux-based operating systems, so this would have to be
Linux malware.

I expect that you will not reply to this.


Anyway, the *GOOD NEWS* is that, with the new installation of macOS
Catalina my Apple SuperDrive *DOES* work.

It now plays both CDs *AND* DVDs! :-D


in other words, there's no problem with catalina.


That is NOT what Apple Support told me. I'll raise the matter with them
again tomorrow.


As noted earlier, the problem was almost certainly PEBCK.


Thank you to everyone who helped me.


you're beyond help.


So which of these was Dustin responsible for putting onto my machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0


If you do not have evidence to support your accusation this is purest
libel, and is yet another example of your criminal ways. Your post,
combined with earlier posts of this kind against Dustin and others,
would be actionable in a British court. You would lose unless you could
produce evidence which would satisfy a court. I do not think that you
can. Perhaps Dustin might consider bringing an action.
  #35  
Old November 20th 19, 06:46 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-19 19:48, Char Jackson wrote:
On Wed, 20 Nov 2019 00:29:06 +0000, David wrote:

So which of these was responsible for putting onto my machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0


As before, I'm left wondering why nothing is ever *your* fault. Nothing is
ever *your* responsibility. It's really quite remarkable.



In this case it's criminal, actionable, defamation of character and is
but the latest in a long string of similar actions, which would
demonstrate to the court a pattern of such behaviour. Not only would he
be legally liable because of this post, the court would increase the
punishments because of the pattern of bad behaviour over a period in
excess of a decade and which has resulted in his being banned several
times by fora who don't want him posting his venom on their sites. All
of those posts, and all posts he had made on usenet, including his empty
threats, would be considered.
  #36  
Old November 20th 19, 06:51 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
David
external usenet poster
 
Posts: 25
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 20/11/2019 17:46, Panthera Tigris Altaica wrote:
On 2019-11-19 19:48, Char Jackson wrote:
On Wed, 20 Nov 2019 00:29:06 +0000, David
wrote:

So which of these was responsible for putting onto my machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0


As before, I'm left wondering why nothing is ever *your* fault.
Nothing is
ever *your* responsibility. It's really quite remarkable.



In this case it's criminal, actionable, defamation of character and is
but the latest in a long string of similar actions, which would
demonstrate to the court a pattern of such behaviour. Not only would he
be legally liable because of this post, the court would increase the
punishments because of the pattern of bad behaviour over a period in
excess of a decade and which has resulted in his being banned several
times by fora who don't want him posting his venom on their sites. All
of those posts, and all posts he had made on usenet, including his empty
threats, would be considered.



All this is simply playing in your mind - it's not reality!

I made no defamation of character statement. shakes head in disbelief

Read it again. *I asked a question*! ;-)
  #37  
Old November 20th 19, 06:59 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Shadow
external usenet poster
 
Posts: 1,638
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On Wed, 20 Nov 2019 15:36:23 +0000, David
wrote:

*So which of these was Dustin responsible for putting onto my
machine*?!!

That was a *TEASE* - and you took it, hook, line and sinker! :-D


We prefer the term *LIE*, and there's NOTHING funny about
sliming innocent people on public forums.

---------------
BD: I want people to "get to know me better. I have nothing to
hide".
I'm always here to help, this page was put up at BD's request,
rather, he said "Do it *NOW*!":

http://tekrider.net/pages/david-brooks-stalker.php

61 confirmed #FAKE_NYMS, most used in cybercrimes!
Google "David Brooks Devon"
[]'s.
--
Don't be evil - Google 2004
We have a new policy - Google 2012
  #38  
Old November 20th 19, 07:14 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-20 12:51, David wrote:
On 20/11/2019 17:46, Panthera Tigris Altaica wrote:
On 2019-11-19 19:48, Char Jackson wrote:
On Wed, 20 Nov 2019 00:29:06 +0000, David
wrote:

So which of these was responsible for putting onto my machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0

As before, I'm left wondering why nothing is ever *your* fault.
Nothing is
ever *your* responsibility. It's really quite remarkable.



In this case it's criminal, actionable, defamation of character and is
but the latest in a long string of similar actions, which would
demonstrate to the court a pattern of such behaviour. Not only would
he be legally liable because of this post, the court would increase
the punishments because of the pattern of bad behaviour over a period
in excess of a decade and which has resulted in his being banned
several times by fora who don't want him posting his venom on their
sites. All of those posts, and all posts he had made on usenet,
including his empty threats, would be considered.



All this is simply playing in your mind - it's not reality!


Your posts are what they are.


I made no defamation of character statement. shakes head in disbelief


You have made a multitude of actionable statements. You directly stated,
in the post quoted, that Dustin had placed malware on your computer. If
you cannot prove that, and you can't, that is criminal defamation of
character.


Read it again. *I asked a question*! ;-)


You made a statement.
  #39  
Old November 20th 19, 07:34 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-20 10:36, David wrote:
On 20/11/2019 11:33, Diesel wrote:
David
Wed, 20 Nov 2019 00:29:06 GMT in alt.computer.workshop, wrote:

[snip]

So which of these was Dustin responsible for putting onto my
machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0


I'm not responsible for putting any of those on your computer. Also,
one of those is not malware in any way shape or form on it's own, the
other going by it's name is probably actually adware. They are rather
generic detection names, David...Two by themselves aren't malware
either, but if executed (if the names are accurate) will seek out and
possibly install malware to the machine which originally ran them.

I've seen droppers and downloaders alike that instead of expected,
outright, easy to spot, malware, provided bs adware instead. The kind
that claimed to find so many problems with your computer, but you
have to pay to have them all fixed.

Anyways.. back to the original point I was making:

Why did you falsely accuse me of putting Malware (listed by name) on
your computer? Aren't you often claiming to be a good guy who tells
the truth?


Â**So which of these was Dustin responsible for putting onto my
machine*?!!

That was a *TEASE* - and you took it, hook, line and sinker! :-D


This will not form a defence before a court.


I've always said you weren't what you claimed to be, and, didn't do
what you claimed to do. Thank you, David, for once again, confirming
that what I've written is true. You are not a good guy, good guys do
not go and make up stories like the one above. You've made up others
much much worse, but lets not dwell on those at this time, this one
is recent and it's a great example of one of the types of lies you
like to spread about people. It's one thing you actually think you're
pretty good at doing. I suspect only small children are actually
fooled by it, and even then, it's only children young enough not to
know how to research/fact check things they read yet. Anyone old
enough to do that sees right through you. Noted exceptions, Mike
Easter and Ant. You did school them. Kudos to you for that.


I truly *AM* one of life's *GOOD GUYS*, Dustin.


No, you are not.


Sorry about that! :-)


No, you are not.
  #40  
Old November 20th 19, 07:35 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-20 12:59, Shadow wrote:
On Wed, 20 Nov 2019 15:36:23 +0000, David
wrote:

*So which of these was Dustin responsible for putting onto my
machine*?!!

That was a *TEASE* - and you took it, hook, line and sinker! :-D


We prefer the term *LIE*, and there's NOTHING funny about
sliming innocent people on public forums.


He partially sobered up (he's never completely sober) and realised that
he'd committed an actionable crime and now he's trying to back off.


---------------
BD: I want people to "get to know me better. I have nothing to
hide".
I'm always here to help, this page was put up at BD's request,
rather, he said "Do it *NOW*!":

http://tekrider.net/pages/david-brooks-stalker.php

61 confirmed #FAKE_NYMS, most used in cybercrimes!
Google "David Brooks Devon"
[]'s.


  #41  
Old November 20th 19, 07:39 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-20 12:59, Shadow wrote:
On Wed, 20 Nov 2019 15:36:23 +0000, David
wrote:

*So which of these was Dustin responsible for putting onto my
machine*?!!

That was a *TEASE* - and you took it, hook, line and sinker! :-D


We prefer the term *LIE*, and there's NOTHING funny about
sliming innocent people on public forums.


He partially sobered up (he's never completely sober) and realised that
he'd committed an actionable crime and now he's trying to back off.


---------------
BD: I want people to "get to know me better. I have nothing to
hide".
I'm always here to help, this page was put up at BD's request,
rather, he said "Do it *NOW*!":

http://tekrider.net/pages/david-brooks-stalker.php

61 confirmed #FAKE_NYMS, most used in cybercrimes!
Google "David Brooks Devon"
[]'s.


  #42  
Old November 20th 19, 07:47 PM posted to alt.comp.os.windows-10,uk.comp.sys.mac
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swappingHDDs))

David wrote:
On 20/11/2019 15:49, Paul wrote:
David wrote:


I used the Clamav facility within Knoppix on my laptop to scan my 'My
Book' - here's a photo I took nearing the end of the scan (it took
many hours!)
https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg


Sadly, I could find no easy way to 'copy' the results of that scan. :-(


You can use the command line. The stdout option sends output to
the screen, and the tee command keeps a copy in result.txt .
The detect-pua, I added that so you could reproduce your
table of detections (as they're likely pua and not virii).
PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

cd /media/somewhere
clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow.

And something like "sudo freshclam" will update the
database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program
in C for my own usage, and it "found a virus in it". Ha! I
didn't know I was talented enough for that. It slices, it
dices, and makes Julienne fries.

But, it's a hobby, right ?

In the Terminal, you can type

apropos clam

and some of the clam executables will be listed.



Ah! Thank you for the explanation, Paul.

Would there be any benefit to others if I could show you more accurate
results of my scan? I suspect not, but I'll do it if it would assist in
any way. Please advise. TIA.

David


OK, I re-ran it, with detect-PUA turned on, and it found this.
When I run it on Virustotal ? Nothing. Clean. So this
is a false positive.

../audacity-win-2.1.0.exe: PUA.Win.Malware.Speedingupmypc-6718419-0 FOUND

*******

A program from Microsoft ? Actually... clean.

../Autoruns.zip: PUA.Win.Downloader.Aiis-6803892-0 FOUND
../Autoruns64.exe: PUA.Win.Downloader.Aiis-6803892-0 FOUND

Autoruns works to change registry entries, as one of its jobs.

*******

A program downloaded from the driver page at AMD ?

radeon-crimson-16.3.2-minimalsetup_web.exe: PUA.Win.Trojan.Generic-6629273-0 FOUND

Virustotal has two of its lesser lights report a problem,
while all the others say it is clean. Riskware isn't exactly
a strong signal either. It's the equivalent of "...be careful".

K7AntiVirus Riskware ( 0040eff71 )
K7GW Riskware ( 0040eff71 )

*******

qphotorec_win.exe: PUA.Win.Packer.Upx-49 FOUND === a packer (compresses the executable)
is not malware. Some AV products
don't have the UPX unpacker for this.
A "weak as ****" kind of warning.
Even I have a UPX unpacker :-)
*******

My homegrown program, compiled with MinGW ? Ha!
There's no network code in here. There are fopen()
calls and a few fwrite() calls, then fclose().

makefiles3.exe: PUA.Win.Downloader.Driverpack-6717506-0 FOUND

*******

The scan was small. The reason there are so many detections
is because the PUA detection was turned on. This drops to
1 detected, when just virus signatures are checked, and that's
because I put the EICAR test file into the directory on purpose,
so I would have at least one detection.

Scanned files: 704
Infected files: 84 === Big big Ha! (Drops to 1 with PUA detection switched off)

You should use some other materials for doing scans,
beside Clam. Clam is doing its best impression of
"scareware". The only thing missing, is the background
on my screen didn't turn red in embarrassment.

Paul
  #43  
Old November 20th 19, 07:58 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
David
external usenet poster
 
Posts: 25
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 20/11/2019 17:43, Panthera Tigris Altaica wrote:
On 2019-11-19 19:29, David wrote:
On 19/11/2019 22:13, nospam wrote:
In article , David ! wrote:

Maybe there was a problem with my installation of Catalina. I'll
let you
know how things stand when my iMac is up-and-running again.

the problem was and always will be pebkac.

Maybe or maybe my iMac, or my router, had been 'got at'!

no maybe about it, and your router has nothing to do with dvd playback.


The router had EVERYTHING to do with obtaining the software from Apple!


How would anyone doing something to your router affect your downloading
software from Apple? Please be specific. Which malware are you
considering for responsibility? How did it get onto the router? Which
router do you have? How did the malware stop working the second time you
downloaded the software? Please be specific. Please also note that many
routers use Linux-based operating systems, so this would have to be
Linux malware.

I expect that you will not reply to this.


Domain Name Server (DNS) hijacking, also named DNS redirection, is a
type of DNS attack in which DNS queries are incorrectly resolved in
order to unexpectedly redirect users to malicious sites. To perform the
attack, perpetrators either install malware on user computers, take over
routers, or intercept or hack DNS communication.

DNS hijacking can be used for pharming (in this context, attackers
typically display unwanted ads to generate revenue) or for phishing
(displaying fake versions of sites users access and stealing data or
credentials).

Many Internet Service Providers (ISPs) also use a type of DNS hijacking,
to take over a user’s DNS requests, collect statistics and return ads
when users access an unknown domain. Some governments use DNS hijacking
for censorship, redirecting users to government-authorized sites.

=

Please read all about things here so that you better understand.

https://www.imperva.com/learn/applic...g-redirection/

Anyway, the *GOOD NEWS* is that, with the new installation of macOS
Catalina my Apple SuperDrive *DOES* work.

It now plays both CDs *AND* DVDs! :-D

in other words, there's no problem with catalina.


That is NOT what Apple Support told me. I'll raise the matter with
them again tomorrow.


As noted earlier, the problem was almost certainly PEBCK.


I promised that I'd speak with Apple Support again today and I did! The
reason for my call was to provide feedback, for which the adviser was
most grateful. He did, ALSO, confirm that Apple engineers ARE still
working on trying to find a work-around for the on-going problem - for
SOME folk around the world - who do, STILL, have a problem with their
Apple SuperDrive not playing a DVD once they switch to macOS Catalina.

I asked if he would email me to confirm that situation but he declined.
It's evidently not Apple's policy to admit to ongoing bugs like this
one. shrug

Thank you to everyone who helped me.

you're beyond help.


So which of these was Dustin responsible for putting onto my machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0


If you do not have evidence to support your accusation this is purest
libel, and is yet another example of your criminal ways. Your post,
combined with earlier posts of this kind against Dustin and others,
would be actionable in a British court. You would lose unless you could
produce evidence which would satisfy a court. I do not think that you
can. Perhaps Dustin might consider bringing an action.


As I said elsewhere, I simply asked a question - and it certainly
prompted a reaction!! As I'm sure you know by now, Dustin wrote and
distributed real-life VIRUSES, albeit some years ago now, an activity
for which *he was never caught and punished*. The IROK virus was, I
believe, his most infamous one.

  #44  
Old November 20th 19, 08:14 PM posted to alt.comp.os.windows-10,alt.computer.workshop,uk.comp.sys.mac
Panthera Tigris Altaica[_2_]
external usenet poster
 
Posts: 106
Default Apple SuperDrive (Was Win10 boot problems swapping HDDs)

On 2019-11-20 13:58, David wrote:
On 20/11/2019 17:43, Panthera Tigris Altaica wrote:
On 2019-11-19 19:29, David wrote:
On 19/11/2019 22:13, nospam wrote:
In article , David ! wrote:

Maybe there was a problem with my installation of Catalina. I'll
let you
know how things stand when my iMac is up-and-running again.

the problem was and always will be pebkac.

Maybe or maybe my iMac, or my router, had been 'got at'!

no maybe about it, and your router has nothing to do with dvd playback.

The router had EVERYTHING to do with obtaining the software from Apple!


How would anyone doing something to your router affect your
downloading software from Apple? Please be specific. Which malware are
you considering for responsibility? How did it get onto the router?
Which router do you have? How did the malware stop working the second
time you downloaded the software? Please be specific. Please also note
that many routers use Linux-based operating systems, so this would
have to be Linux malware.

I expect that you will not reply to this.


Domain Name Server (DNS) hijacking, also named DNS redirection, is a
type of DNS attack in which DNS queries are incorrectly resolved in
order to unexpectedly redirect users to malicious sites. To perform the
attack, perpetrators either install malware on user computers, take over
routers, or intercept or hack DNS communication.

DNS hijacking can be used for pharming (in this context, attackers
typically display unwanted ads to generate revenue) or for phishing
(displaying fake versions of sites users access and stealing data or
credentials).

Many Internet Service Providers (ISPs) also use a type of DNS hijacking,
to take over a user’s DNS requests, collect statistics and return ads
when users access an unknown domain. Some governments use DNS hijacking
for censorship, redirecting users to government-authorized sites.


I asked that you be specific as to how _your_ router was hit. As
expected, you attempted to obfuscate. You always do.

Please be specific. How was _your_ device hit?


=

Please read all about things here so that you better understand.

https://www.imperva.com/learn/applic...g-redirection/


Anyway, the *GOOD NEWS* is that, with the new installation of macOS
Catalina my Apple SuperDrive *DOES* work.

It now plays both CDs *AND* DVDs! :-D

in other words, there's no problem with catalina.

That is NOT what Apple Support told me. I'll raise the matter with
them again tomorrow.


As noted earlier, the problem was almost certainly PEBCK.


I promised that I'd speak with Apple Support again today and I did! The
reason for my call was to provide feedback, for which the adviser was
most grateful. He did, ALSO, confirm that Apple engineers ARE still
working on trying to find a work-around for the on-going problem - for
SOME folk around the world - who do, STILL, have a problem with their
Apple SuperDrive not playing a DVD once they switch to macOS Catalina.

I asked if he would email me to confirm that situation but he declined.
It's evidently not Apple's policy to admit to ongoing bugs like this
one. shrug


I don't believe a word you post. You have only your continual lies,
criminal behaviour, and obfuscation to blame for your poor reputation.


Thank you to everyone who helped me.

you're beyond help.

So which of these was Dustin responsible for putting onto my machine?!!

Win.Dropper.Johnnie-6567749-0

Win.Trojan.Winlock-6629293-0

Win.Trojan.Generic-6629273-0

Win.Malware.Speedingupmypc-6718419-0

Win.Packer.WwpackV-1

Win.Downloader.Aiis-6803892-0


If you do not have evidence to support your accusation this is purest
libel, and is yet another example of your criminal ways. Your post,
combined with earlier posts of this kind against Dustin and others,
would be actionable in a British court. You would lose unless you
could produce evidence which would satisfy a court. I do not think
that you can. Perhaps Dustin might consider bringing an action.


As I said elsewhere, I simply asked a question


You made a statement. You made a direct, criminal, actionable, statement.

- and it certainly
prompted a reaction!!


It should prompt a lawsuit.

As I'm sure you know by now, Dustin wrote and
distributed real-life VIRUSES, albeit some years ago now, an activity
for which *he was never caught and punished*. The IROK virus was, I
believe, his most infamous one.


That is irrelevant to your statement. You are merely digging a deeper
hole for yourself. By all means continue to dig.
  #45  
Old November 20th 19, 08:53 PM posted to alt.comp.os.windows-10,uk.comp.sys.mac
David
external usenet poster
 
Posts: 25
Default Malware! (Was - Apple SuperDrive (Was - Win10 boot problemsswapping HDDs))

On 20/11/2019 18:47, Paul wrote:
David wrote:
On 20/11/2019 15:49, Paul wrote:
David wrote:


I used the Clamav facility within Knoppix on my laptop to scan my
'My Book' - here's a photo I took nearing the end of the scan (it
took many hours!)
https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg


Sadly, I could find no easy way to 'copy' the results of that scan. :-(

You can use the command line. The stdout option sends output to
the screen, and the tee command keeps a copy in result.txt .
The detect-pua, I added that so you could reproduce your
table of detections (as they're likely pua and not virii).
PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

Â*Â*Â* cd /media/somewhere
Â*Â*Â* clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow.

And something like "sudo freshclam" will update the
database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program
in C for my own usage, and it "found a virus in it". Ha! I
didn't know I was talented enough for that. It slices, it
dices, and makes Julienne fries.

But, it's a hobby, right ?

In the Terminal, you can type

Â*Â*Â* apropos clam

and some of the clam executables will be listed.



Ah! Thank you for the explanation, Paul.

Would there be any benefit to others if I could show you more accurate
results of my scan?Â* I suspect not, but I'll do it if it would assist
in any way. Please advise. TIA.

David


OK, I re-ran it, with detect-PUA turned on, and it found this.
When I run it on Virustotal ? Nothing. Clean. So this
is a false positive.

./audacity-win-2.1.0.exe: PUA.Win.Malware.Speedingupmypc-6718419-0 FOUND

*******

A program from Microsoft ? Actually... clean.

./Autoruns.zip: PUA.Win.Downloader.Aiis-6803892-0 FOUND
./Autoruns64.exe: PUA.Win.Downloader.Aiis-6803892-0 FOUND

Autoruns works to change registry entries, as one of its jobs.

*******

A program downloaded from the driver page at AMD ?

radeon-crimson-16.3.2-minimalsetup_web.exe:
PUA.Win.Trojan.Generic-6629273-0 FOUND

Virustotal has two of its lesser lights report a problem,
while all the others say it is clean. Riskware isn't exactly
a strong signal either. It's the equivalent of "...be careful".

K7AntiVirusÂ*Â* Riskware ( 0040eff71 )
K7GWÂ*Â*Â*Â*Â*Â*Â*Â*Â* Riskware ( 0040eff71 )

*******

qphotorec_win.exe: PUA.Win.Packer.Upx-49 FOUNDÂ*Â* === a packer
(compresses the executable)
Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â* is not malware.
Some AV products
Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â* don't have the
UPX unpacker for this.
Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â* A "weak as ****"
kind of warning.
Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â*Â* Â*Â*Â* Even I have a UPX
unpacker :-)
*******

My homegrown program, compiled with MinGW ? Ha!
There's no network code in here. There are fopen()
calls and a few fwrite() calls, then fclose().

makefiles3.exe: PUA.Win.Downloader.Driverpack-6717506-0 FOUND

*******

The scan was small. The reason there are so many detections
is because the PUA detection was turned on. This drops to
1 detected, when just virus signatures are checked, and that's
because I put the EICAR test file into the directory on purpose,
so I would have at least one detection.

Scanned files: 704
Infected files: 84Â* === Big big Ha!Â* (Drops to 1 with PUA detection
switched off)

You should use some other materials for doing scans,
beside Clam. Clam is doing its best impression of
"scareware". The only thing missing, is the background
on my screen didn't turn red in embarrassment.


Oh, Paul! You went to a great deal of trouble. Thank you. I'll not
bother to scan my WD Home Book again. I didn't think there was anything
there which could harm my Mac - and I'll not transfer anything to a
Windows machine from here on in.

Would you have any more faith in ClamAV when it's dressed up as ClamXAV?

There's quite a good article here
https://uk.pcmag.com/antivirus/4669/clamxav-for-mac

However, one *NOW* has to pay an *annual subscription*.
https://www.clamxav.com

A waste of money?!!


 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 12:47 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.