#31
Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))
On 20/11/2019 13:30, G. B wrote:
On 20/11/2019 10:01, David wrote: I'd been using a 'My Book' Studio Edition WD product to keep Time Machine back-ups of my Apple iMacs for many years. It's one much like this:-

Try this: https://support.apple.com/kb/DL2011?viewlocale=en_US&locale=en_US After this post all mac questions on Apple Mac Website. You're wasting your time here because Windows 10 is Microsoft Product while Apple Mac is produced by Apple.

Thank you for trying to help. :-)
#32
Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))
David wrote:
I used the Clamav facility within Knoppix on my laptop to scan my 'My Book' - here's a photo I took nearing the end of the scan (it took many hours!) https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg Sadly, I could find no easy way to 'copy' the results of that scan. :-(

You can use the command line. The stdout option sends output to the screen, and the tee command keeps a copy in result.txt. The detect-pua, I added that so you could reproduce your table of detections (as they're likely pua and not virii). PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

    cd /media/somewhere
    clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow. And something like "sudo freshclam" will update the database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

    ./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program in C for my own usage, and it "found a virus in it". Ha! I didn't know I was talented enough for that. It slices, it dices, and makes Julienne fries. But, it's a hobby, right ?

In the Terminal, you can type

    apropos clam

and some of the clam executables will be listed.

Paul
#33
Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))
On 20/11/2019 15:49, Paul wrote:
David wrote: I used the Clamav facility within Knoppix on my laptop to scan my 'My Book' - here's a photo I took nearing the end of the scan (it took many hours!) https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg Sadly, I could find no easy way to 'copy' the results of that scan. :-(

You can use the command line. The stdout option sends output to the screen, and the tee command keeps a copy in result.txt. The detect-pua, I added that so you could reproduce your table of detections (as they're likely pua and not virii). PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

    cd /media/somewhere
    clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow. And something like "sudo freshclam" will update the database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

    ./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program in C for my own usage, and it "found a virus in it". Ha! I didn't know I was talented enough for that. It slices, it dices, and makes Julienne fries. But, it's a hobby, right ?

In the Terminal, you can type

    apropos clam

and some of the clam executables will be listed.

Ah! Thank you for the explanation, Paul. Would there be any benefit to others if I could show you more accurate results of my scan? I suspect not, but I'll do it if it would assist in any way. Please advise. TIA.

David
#34
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 2019-11-19 19:29, David wrote:
On 19/11/2019 22:13, nospam wrote: In article , David ! wrote: Maybe there was a problem with my installation of Catalina. I'll let you know how things stand when my iMac is up-and-running again. the problem was and always will be pebkac. Maybe or maybe my iMac, or my router, had been 'got at'! no maybe about it, and your router has nothing to do with dvd playback. The router had EVERYTHING to do with obtaining the software from Apple! How would anyone doing something to your router affect your downloading software from Apple? Please be specific. Which malware are you considering for responsibility? How did it get onto the router? Which router do you have? How did the malware stop working the second time you downloaded the software? Please be specific. Please also note that many routers use Linux-based operating systems, so this would have to be Linux malware. I expect that you will not reply to this. Anyway, the *GOOD NEWS* is that, with the new installation of macOS Catalina my Apple SuperDrive *DOES* work. It now plays both CDs *AND* DVDs! :-D in other words, there's no problem with catalina. That is NOT what Apple Support told me. I'll raise the matter with them again tomorrow. As noted earlier, the problem was almost certainly PEBCK. Thank you to everyone who helped me. you're beyond help. So which of these was Dustin responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 If you do not have evidence to support your accusation this is purest libel, and is yet another example of your criminal ways. Your post, combined with earlier posts of this kind against Dustin and others, would be actionable in a British court. You would lose unless you could produce evidence which would satisfy a court. I do not think that you can. Perhaps Dustin might consider bringing an action. |
#35
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 2019-11-19 19:48, Char Jackson wrote:
On Wed, 20 Nov 2019 00:29:06 +0000, David wrote: So which of these was responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 As before, I'm left wondering why nothing is ever *your* fault. Nothing is ever *your* responsibility. It's really quite remarkable. In this case it's criminal, actionable, defamation of character and is but the latest in a long string of similar actions, which would demonstrate to the court a pattern of such behaviour. Not only would he be legally liable because of this post, the court would increase the punishments because of the pattern of bad behaviour over a period in excess of a decade and which has resulted in his being banned several times by fora who don't want him posting his venom on their sites. All of those posts, and all posts he had made on usenet, including his empty threats, would be considered. |
#36
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 20/11/2019 17:46, Panthera Tigris Altaica wrote:
On 2019-11-19 19:48, Char Jackson wrote: On Wed, 20 Nov 2019 00:29:06 +0000, David wrote: So which of these was responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 As before, I'm left wondering why nothing is ever *your* fault. Nothing is ever *your* responsibility. It's really quite remarkable. In this case it's criminal, actionable, defamation of character and is but the latest in a long string of similar actions, which would demonstrate to the court a pattern of such behaviour. Not only would he be legally liable because of this post, the court would increase the punishments because of the pattern of bad behaviour over a period in excess of a decade and which has resulted in his being banned several times by fora who don't want him posting his venom on their sites. All of those posts, and all posts he had made on usenet, including his empty threats, would be considered. All this is simply playing in your mind - it's not reality! I made no defamation of character statement. shakes head in disbelief Read it again. *I asked a question*! ;-) |
#37
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On Wed, 20 Nov 2019 15:36:23 +0000, David
wrote: *So which of these was Dustin responsible for putting onto my machine*?!! That was a *TEASE* - and you took it, hook, line and sinker! :-D We prefer the term *LIE*, and there's NOTHING funny about sliming innocent people on public forums. --------------- BD: I want people to "get to know me better. I have nothing to hide". I'm always here to help, this page was put up at BD's request, rather, he said "Do it *NOW*!": http://tekrider.net/pages/david-brooks-stalker.php 61 confirmed #FAKE_NYMS, most used in cybercrimes! Google "David Brooks Devon" []'s. -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
#38
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 2019-11-20 12:51, David wrote:
On 20/11/2019 17:46, Panthera Tigris Altaica wrote: On 2019-11-19 19:48, Char Jackson wrote: On Wed, 20 Nov 2019 00:29:06 +0000, David wrote: So which of these was responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 As before, I'm left wondering why nothing is ever *your* fault. Nothing is ever *your* responsibility. It's really quite remarkable. In this case it's criminal, actionable, defamation of character and is but the latest in a long string of similar actions, which would demonstrate to the court a pattern of such behaviour. Not only would he be legally liable because of this post, the court would increase the punishments because of the pattern of bad behaviour over a period in excess of a decade and which has resulted in his being banned several times by fora who don't want him posting his venom on their sites. All of those posts, and all posts he had made on usenet, including his empty threats, would be considered. All this is simply playing in your mind - it's not reality! Your posts are what they are. I made no defamation of character statement. shakes head in disbelief You have made a multitude of actionable statements. You directly stated, in the post quoted, that Dustin had placed malware on your computer. If you cannot prove that, and you can't, that is criminal defamation of character. Read it again. *I asked a question*! ;-) You made a statement. |
#39
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 2019-11-20 10:36, David wrote:
On 20/11/2019 11:33, Diesel wrote: David Wed, 20 Nov 2019 00:29:06 GMT in alt.computer.workshop, wrote: [snip] So which of these was Dustin responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 I'm not responsible for putting any of those on your computer. Also, one of those is not malware in any way shape or form on its own, the other going by its name is probably actually adware. They are rather generic detection names, David...Two by themselves aren't malware either, but if executed (if the names are accurate) will seek out and possibly install malware to the machine which originally ran them. I've seen droppers and downloaders alike that instead of expected, outright, easy to spot, malware, provided bs adware instead. The kind that claimed to find so many problems with your computer, but you have to pay to have them all fixed. Anyways.. back to the original point I was making: Why did you falsely accuse me of putting Malware (listed by name) on your computer? Aren't you often claiming to be a good guy who tells the truth? *So which of these was Dustin responsible for putting onto my machine*?!! That was a *TEASE* - and you took it, hook, line and sinker! :-D This will not form a defence before a court. I've always said you weren't what you claimed to be, and, didn't do what you claimed to do. Thank you, David, for once again, confirming that what I've written is true. You are not a good guy, good guys do not go and make up stories like the one above. You've made up others much much worse, but let's not dwell on those at this time, this one is recent and it's a great example of one of the types of lies you like to spread about people. It's one thing you actually think you're pretty good at doing. 
I suspect only small children are actually fooled by it, and even then, it's only children young enough not to know how to research/fact check things they read yet. Anyone old enough to do that sees right through you. Noted exceptions, Mike Easter and Ant. You did school them. Kudos to you for that. I truly *AM* one of life's *GOOD GUYS*, Dustin. No, you are not. Sorry about that! :-) No, you are not. |
#40
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 2019-11-20 12:59, Shadow wrote:
On Wed, 20 Nov 2019 15:36:23 +0000, David wrote: *So which of these was Dustin responsible for putting onto my machine*?!! That was a *TEASE* - and you took it, hook, line and sinker! :-D We prefer the term *LIE*, and there's NOTHING funny about sliming innocent people on public forums. He partially sobered up (he's never completely sober) and realised that he'd committed an actionable crime and now he's trying to back off. --------------- BD: I want people to "get to know me better. I have nothing to hide". I'm always here to help, this page was put up at BD's request, rather, he said "Do it *NOW*!": http://tekrider.net/pages/david-brooks-stalker.php 61 confirmed #FAKE_NYMS, most used in cybercrimes! Google "David Brooks Devon" []'s. |
#42
Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))
David wrote:
On 20/11/2019 15:49, Paul wrote:

David wrote: I used the Clamav facility within Knoppix on my laptop to scan my 'My Book' - here's a photo I took nearing the end of the scan (it took many hours!) https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg Sadly, I could find no easy way to 'copy' the results of that scan. :-(

You can use the command line. The stdout option sends output to the screen, and the tee command keeps a copy in result.txt. The detect-pua, I added that so you could reproduce your table of detections (as they're likely pua and not virii). PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

    cd /media/somewhere
    clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow. And something like "sudo freshclam" will update the database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

    ./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program in C for my own usage, and it "found a virus in it". Ha! I didn't know I was talented enough for that. It slices, it dices, and makes Julienne fries. But, it's a hobby, right ?

In the Terminal, you can type

    apropos clam

and some of the clam executables will be listed.

Ah! Thank you for the explanation, Paul. Would there be any benefit to others if I could show you more accurate results of my scan? I suspect not, but I'll do it if it would assist in any way. Please advise. TIA.

David

OK, I re-ran it, with detect-PUA turned on, and it found this.

When I run it on Virustotal ? Nothing. Clean. So this is a false positive.

    ./audacity-win-2.1.0.exe: PUA.Win.Malware.Speedingupmypc-6718419-0 FOUND

*******

A program from Microsoft ? Actually... clean.

    ./Autoruns.zip: PUA.Win.Downloader.Aiis-6803892-0 FOUND
    ./Autoruns64.exe: PUA.Win.Downloader.Aiis-6803892-0 FOUND

Autoruns works to change registry entries, as one of its jobs.

*******

A program downloaded from the driver page at AMD ?

    radeon-crimson-16.3.2-minimalsetup_web.exe: PUA.Win.Trojan.Generic-6629273-0 FOUND

Virustotal has two of its lesser lights report a problem, while all the others say it is clean. Riskware isn't exactly a strong signal either. It's the equivalent of "...be careful".

    K7AntiVirus   Riskware ( 0040eff71 )
    K7GW          Riskware ( 0040eff71 )

*******

    qphotorec_win.exe: PUA.Win.Packer.Upx-49 FOUND   === a packer (compresses the executable)
                                                         is not malware. Some AV products
                                                         don't have the UPX unpacker for this.
                                                         A "weak as ****" kind of warning.
                                                         Even I have a UPX unpacker :-)

*******

My homegrown program, compiled with MinGW ? Ha! There's no network code in here. There are fopen() calls and a few fwrite() calls, then fclose().

    makefiles3.exe: PUA.Win.Downloader.Driverpack-6717506-0 FOUND

*******

The scan was small. The reason there are so many detections is because the PUA detection was turned on. This drops to 1 detected, when just virus signatures are checked, and that's because I put the EICAR test file into the directory on purpose, so I would have at least one detection.

    Scanned files: 704
    Infected files: 84   === Big big Ha! (Drops to 1 with PUA detection switched off)

You should use some other materials for doing scans, beside Clam. Clam is doing its best impression of "scareware". The only thing missing, is the background on my screen didn't turn red in embarrassment.

Paul
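Added example (not part of the original posts, and not ClamAV's own code): one way to triage the result.txt saved by the clamscan command in the post above, separating `PUA.*` names, which appear only because of `--detect-pua`, from ordinary signature hits. The sample log is constructed from lines quoted in the thread; the function names, the packer grouping and the summary check are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample of clamscan output as saved by "tee result.txt", modelled on the
# detection lines quoted in the thread; the summary counts are made up to match it.
SAMPLE = """\
./eicar: Eicar-Test-Signature FOUND
./audacity-win-2.1.0.exe: PUA.Win.Malware.Speedingupmypc-6718419-0 FOUND
./Autoruns.zip: PUA.Win.Downloader.Aiis-6803892-0 FOUND
./Autoruns64.exe: PUA.Win.Downloader.Aiis-6803892-0 FOUND
./qphotorec_win.exe: PUA.Win.Packer.Upx-49 FOUND
./makefiles3.exe: PUA.Win.Downloader.Driverpack-6717506-0 FOUND
./notes: draft.txt: OK

----------- SCAN SUMMARY -----------
Scanned files: 7
Infected files: 6
"""

# "<path>: <signature> FOUND"; the greedy path match tolerates ": " inside file names.
FOUND_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")
SUMMARY_RE = re.compile(r"^Infected files: (?P<n>\d+)$")


def parse_result(text):
    """Return (list of (path, signature), 'Infected files' count or None)."""
    detections, reported = [], None
    for line in text.splitlines():
        line = line.rstrip()
        found = FOUND_RE.match(line)
        if found:
            detections.append((found["path"], found["sig"]))
            continue
        summary = SUMMARY_RE.match(line)
        if summary:
            reported = int(summary["n"])
    return detections, reported


def is_pua(sig):
    """PUA signatures carry a 'PUA.' prefix and are not virus signatures."""
    return sig.startswith("PUA.")


def category(sig):
    """Category field of a platform.category.name-id-rev style name, else None."""
    parts = sig.split(".")
    if parts[0] == "PUA":
        parts = parts[1:]
    return parts[1] if len(parts) >= 3 else None


def triage(text):
    """Split detections into PUA and non-PUA groups, keyed by signature name."""
    detections, reported = parse_result(text)
    pua, other = defaultdict(list), defaultdict(list)
    for path, sig in detections:
        (pua if is_pua(sig) else other)[sig].append(path)
    return {
        "pua": dict(pua),
        "non_pua": dict(other),
        # A packer name says how the file is compressed, not what it does.
        "packer_only": sorted(p for p, s in detections if category(s) == "Packer"),
        # Assumes the default mode of one FOUND line per file; a mismatch
        # suggests a truncated or hand-edited log.
        "summary_matches": reported is None or reported == len(detections),
    }


def report(text):
    """Human-readable summary, non-PUA hits first."""
    t = triage(text)
    lines = []
    for label, group in (("signature hits (review first)", t["non_pua"]),
                         ("PUA hits (reported only with --detect-pua)", t["pua"])):
        lines.append(f"{label}: {sum(len(v) for v in group.values())} file(s)")
        for sig in sorted(group):
            lines.append(f"  {sig} [{category(sig) or 'uncategorised'}]")
            lines.extend(f"    {path}" for path in group[sig])
    if not t["summary_matches"]:
        lines.append("warning: FOUND lines do not match 'Infected files' in the summary")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE))
```
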
#43
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 20/11/2019 17:43, Panthera Tigris Altaica wrote:
On 2019-11-19 19:29, David wrote: On 19/11/2019 22:13, nospam wrote: In article , David ! wrote: Maybe there was a problem with my installation of Catalina. I'll let you know how things stand when my iMac is up-and-running again. the problem was and always will be pebkac. Maybe or maybe my iMac, or my router, had been 'got at'! no maybe about it, and your router has nothing to do with dvd playback. The router had EVERYTHING to do with obtaining the software from Apple! How would anyone doing something to your router affect your downloading software from Apple? Please be specific. Which malware are you considering for responsibility? How did it get onto the router? Which router do you have? How did the malware stop working the second time you downloaded the software? Please be specific. Please also note that many routers use Linux-based operating systems, so this would have to be Linux malware. I expect that you will not reply to this. Domain Name Server (DNS) hijacking, also named DNS redirection, is a type of DNS attack in which DNS queries are incorrectly resolved in order to unexpectedly redirect users to malicious sites. To perform the attack, perpetrators either install malware on user computers, take over routers, or intercept or hack DNS communication. DNS hijacking can be used for pharming (in this context, attackers typically display unwanted ads to generate revenue) or for phishing (displaying fake versions of sites users access and stealing data or credentials). Many Internet Service Providers (ISPs) also use a type of DNS hijacking, to take over a user’s DNS requests, collect statistics and return ads when users access an unknown domain. Some governments use DNS hijacking for censorship, redirecting users to government-authorized sites. = Please read all about things here so that you better understand. 
https://www.imperva.com/learn/applic...g-redirection/ Anyway, the *GOOD NEWS* is that, with the new installation of macOS Catalina my Apple SuperDrive *DOES* work. It now plays both CDs *AND* DVDs! :-D in other words, there's no problem with catalina. That is NOT what Apple Support told me. I'll raise the matter with them again tomorrow. As noted earlier, the problem was almost certainly PEBCK. I promised that I'd speak with Apple Support again today and I did! The reason for my call was to provide feedback, for which the adviser was most grateful. He did, ALSO, confirm that Apple engineers ARE still working on trying to find a work-around for the on-going problem - for SOME folk around the world - who do, STILL, have a problem with their Apple SuperDrive not playing a DVD once they switch to macOS Catalina. I asked if he would email me to confirm that situation but he declined. It's evidently not Apple's policy to admit to ongoing bugs like this one. shrug Thank you to everyone who helped me. you're beyond help. So which of these was Dustin responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 If you do not have evidence to support your accusation this is purest libel, and is yet another example of your criminal ways. Your post, combined with earlier posts of this kind against Dustin and others, would be actionable in a British court. You would lose unless you could produce evidence which would satisfy a court. I do not think that you can. Perhaps Dustin might consider bringing an action. As I said elsewhere, I simply asked a question - and it certainly prompted a reaction!! As I'm sure you know by now, Dustin wrote and distributed real-life VIRUSES, albeit some years ago now, an activity for which *he was never caught and punished*. The IROK virus was, I believe, his most infamous one. |
#44
Apple SuperDrive (Was Win10 boot problems swapping HDDs)
On 2019-11-20 13:58, David wrote:
On 20/11/2019 17:43, Panthera Tigris Altaica wrote: On 2019-11-19 19:29, David wrote: On 19/11/2019 22:13, nospam wrote: In article , David ! wrote: Maybe there was a problem with my installation of Catalina. I'll let you know how things stand when my iMac is up-and-running again. the problem was and always will be pebkac. Maybe or maybe my iMac, or my router, had been 'got at'! no maybe about it, and your router has nothing to do with dvd playback. The router had EVERYTHING to do with obtaining the software from Apple! How would anyone doing something to your router affect your downloading software from Apple? Please be specific. Which malware are you considering for responsibility? How did it get onto the router? Which router do you have? How did the malware stop working the second time you downloaded the software? Please be specific. Please also note that many routers use Linux-based operating systems, so this would have to be Linux malware. I expect that you will not reply to this. Domain Name Server (DNS) hijacking, also named DNS redirection, is a type of DNS attack in which DNS queries are incorrectly resolved in order to unexpectedly redirect users to malicious sites. To perform the attack, perpetrators either install malware on user computers, take over routers, or intercept or hack DNS communication. DNS hijacking can be used for pharming (in this context, attackers typically display unwanted ads to generate revenue) or for phishing (displaying fake versions of sites users access and stealing data or credentials). Many Internet Service Providers (ISPs) also use a type of DNS hijacking, to take over a user’s DNS requests, collect statistics and return ads when users access an unknown domain. Some governments use DNS hijacking for censorship, redirecting users to government-authorized sites. I asked that you be specific as to how _your_ router was hit. As expected, you attempted to obfuscate. You always do. Please be specific. How was _your_ device hit? 
= Please read all about things here so that you better understand. https://www.imperva.com/learn/applic...g-redirection/ Anyway, the *GOOD NEWS* is that, with the new installation of macOS Catalina my Apple SuperDrive *DOES* work. It now plays both CDs *AND* DVDs! :-D in other words, there's no problem with catalina. That is NOT what Apple Support told me. I'll raise the matter with them again tomorrow. As noted earlier, the problem was almost certainly PEBCK. I promised that I'd speak with Apple Support again today and I did! The reason for my call was to provide feedback, for which the adviser was most grateful. He did, ALSO, confirm that Apple engineers ARE still working on trying to find a work-around for the on-going problem - for SOME folk around the world - who do, STILL, have a problem with their Apple SuperDrive not playing a DVD once they switch to macOS Catalina. I asked if he would email me to confirm that situation but he declined. It's evidently not Apple's policy to admit to ongoing bugs like this one. shrug I don't believe a word you post. You have only your continual lies, criminal behaviour, and obfuscation to blame for your poor reputation. Thank you to everyone who helped me. you're beyond help. So which of these was Dustin responsible for putting onto my machine?!! Win.Dropper.Johnnie-6567749-0 Win.Trojan.Winlock-6629293-0 Win.Trojan.Generic-6629273-0 Win.Malware.Speedingupmypc-6718419-0 Win.Packer.WwpackV-1 Win.Downloader.Aiis-6803892-0 If you do not have evidence to support your accusation this is purest libel, and is yet another example of your criminal ways. Your post, combined with earlier posts of this kind against Dustin and others, would be actionable in a British court. You would lose unless you could produce evidence which would satisfy a court. I do not think that you can. Perhaps Dustin might consider bringing an action. As I said elsewhere, I simply asked a question You made a statement. 
You made a direct, criminal, actionable, statement. - and it certainly prompted a reaction!! It should prompt a lawsuit. As I'm sure you know by now, Dustin wrote and distributed real-life VIRUSES, albeit some years ago now, an activity for which *he was never caught and punished*. The IROK virus was, I believe, his most infamous one. That is irrelevant to your statement. You are merely digging a deeper hole for yourself. By all means continue to dig. |
#45
Malware! (Was - Apple SuperDrive (Was - Win10 boot problems swapping HDDs))
On 20/11/2019 18:47, Paul wrote:
David wrote:

On 20/11/2019 15:49, Paul wrote:

David wrote: I used the Clamav facility within Knoppix on my laptop to scan my 'My Book' - here's a photo I took nearing the end of the scan (it took many hours!) https://i.postimg.cc/sxQ4Ms2v/B5-C2-...95292-EFCA.jpg Sadly, I could find no easy way to 'copy' the results of that scan. :-(

You can use the command line. The stdout option sends output to the screen, and the tee command keeps a copy in result.txt. The detect-pua, I added that so you could reproduce your table of detections (as they're likely pua and not virii). PUA is Potentially Unwanted Application.

https://i.postimg.cc/nrbxmTgS/clam.gif

    cd /media/somewhere
    clamscan --detect-pua --stdout -r . | tee result.txt

The program runs on one core, and is relatively slow. And something like "sudo freshclam" will update the database before you do a run.

I put a copy of EICAR in the test folder, and it found it.

    ./eicar: Eicar-Test-Signature FOUND

To give you some idea how stupid ClamAV is, I wrote a program in C for my own usage, and it "found a virus in it". Ha! I didn't know I was talented enough for that. It slices, it dices, and makes Julienne fries. But, it's a hobby, right ?

In the Terminal, you can type

    apropos clam

and some of the clam executables will be listed.

Ah! Thank you for the explanation, Paul. Would there be any benefit to others if I could show you more accurate results of my scan? I suspect not, but I'll do it if it would assist in any way. Please advise. TIA.

David

OK, I re-ran it, with detect-PUA turned on, and it found this.

When I run it on Virustotal ? Nothing. Clean. So this is a false positive.

    ./audacity-win-2.1.0.exe: PUA.Win.Malware.Speedingupmypc-6718419-0 FOUND

*******

A program from Microsoft ? Actually... clean.

    ./Autoruns.zip: PUA.Win.Downloader.Aiis-6803892-0 FOUND
    ./Autoruns64.exe: PUA.Win.Downloader.Aiis-6803892-0 FOUND

Autoruns works to change registry entries, as one of its jobs.

*******

A program downloaded from the driver page at AMD ?

    radeon-crimson-16.3.2-minimalsetup_web.exe: PUA.Win.Trojan.Generic-6629273-0 FOUND

Virustotal has two of its lesser lights report a problem, while all the others say it is clean. Riskware isn't exactly a strong signal either. It's the equivalent of "...be careful".

    K7AntiVirus   Riskware ( 0040eff71 )
    K7GW          Riskware ( 0040eff71 )

*******

    qphotorec_win.exe: PUA.Win.Packer.Upx-49 FOUND   === a packer (compresses the executable)
                                                         is not malware. Some AV products
                                                         don't have the UPX unpacker for this.
                                                         A "weak as ****" kind of warning.
                                                         Even I have a UPX unpacker :-)

*******

My homegrown program, compiled with MinGW ? Ha! There's no network code in here. There are fopen() calls and a few fwrite() calls, then fclose().

    makefiles3.exe: PUA.Win.Downloader.Driverpack-6717506-0 FOUND

*******

The scan was small. The reason there are so many detections is because the PUA detection was turned on. This drops to 1 detected, when just virus signatures are checked, and that's because I put the EICAR test file into the directory on purpose, so I would have at least one detection.

    Scanned files: 704
    Infected files: 84   === Big big Ha! (Drops to 1 with PUA detection switched off)

You should use some other materials for doing scans, beside Clam. Clam is doing its best impression of "scareware". The only thing missing, is the background on my screen didn't turn red in embarrassment.

Oh, Paul! You went to a great deal of trouble. Thank you.
I'll not bother to scan my WD Home Book again. I didn't think there was anything there which could harm my Mac - and I'll not transfer anything to a Windows machine from here on in. Would you have any more faith in ClamAV when it's dressed up as ClamXAV? There's quite a good article here https://uk.pcmag.com/antivirus/4669/clamxav-for-mac However, one *NOW* has to pay an *annual subscription*. https://www.clamxav.com A waste of money?!! |