Emsisoft Emergency Kit

[David H. Lipman]

From: "G. Morgan" <sealteam6@osama-is-dead.net>

> G. Morgan wrote:
>
>> David H. Lipman wrote:
>>
>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>
>>>> David H. Lipman wrote:
>>>>
>>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>>
>>>>>>
>>>>>> All were false positives except this:
>>>>>> savedsites\hxxp___mynews.ath.cx\http://www.vanbasco.com\downloads\va...ad_chinese.exe
>>>>>> * Trojan.Crypt!IK
>>>>>>
>>>>>> It thought this file was bad :-(
>>>>>> http://www.virustotal.com/file-scan/...f96-1321894516
>>>>>>
>>>>>>
>>>>>
>>>>> Please submit that file, if you still have it, to http://www.uploadmalware.com/
>>>>
>>>> Done.
>>>>
>>>> Came from:
>>>>
>>>> C:\cygwin\lib\python2.6\lib-dynload\_functools.dll
>>>>
>>>> detected: Trojan.Win32.Possador.AMN!A2
>>>
>>>
>>> Looks like an Emsisoft (A2) False Positive detection. Cygwin tools are known for
>>> generating occasional False Positives.
>>
>> Thanks for the confirmation. I left it alone.
>
> BTW... Are you in a position to contact Emsisoft and get them to correct
> all these false-positives? They should not pick on Nirsoft or
> Sysinternals tools. Someone who just "selected all" could **** up their
> system based on all the false's. You really have to know what you're
> doing to use that utility safely.
>
> I give it a 7/10, for excellent detection but lost points for false
> positives.
>
> Can not recommend to end-users.
>

I could if you really want me to.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

[G. Morgan]

David H. Lipman wrote:

>From: "G. Morgan" <sealteam6@osama-is-dead.net>
>
>> G. Morgan wrote:
>>
>>> David H. Lipman wrote:
>>>
>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>
>>>>> David H. Lipman wrote:
>>>>>
>>>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>>>
>>>>>>>
>>>>>>> All were false positives except this:
>>>>>>> savedsites\hxxp___mynews.ath.cx\http://www.vanbasco.com\downloads\va...ad_chinese.exe
>>>>>>> * Trojan.Crypt!IK
>>>>>>>
>>>>>>> It thought this file was bad :-(
>>>>>>> http://www.virustotal.com/file-scan/...f96-1321894516
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Please submit that file, if you still have it, to http://www.uploadmalware.com/
>>>>>
>>>>> Done.
>>>>>
>>>>> Came from:
>>>>>
>>>>> C:\cygwin\lib\python2.6\lib-dynload\_functools.dll
>>>>>
>>>>> detected: Trojan.Win32.Possador.AMN!A2
>>>>
>>>>
>>>> Looks like an Emsisoft (A2) False Positive detection. Cygwin tools are known for
>>>> generating occasional False Positives.
>>>
>>> Thanks for the confirmation. I left it alone.
>>
>> BTW... Are you in a position to contact Emsisoft and get them to correct
>> all these false-positives? They should not pick on Nirsoft or
>> Sysinternals tools. Someone who just "selected all" could **** up their
>> system based on all the false's. You really have to know what you're
>> doing to use that utility safely.
>>
>> I give it a 7/10, for excellent detection but lost points for false
>> positives.
>>
>> Can not recommend to end-users.
>>
>
>I could if you really want me to.

It doesn't matter to me, I'm not going to use the product.

Maybe you can add your own exceptions in your tool? Like a technician
version (maybe $10-$20) that will highlight/ignore known F.P.'s. (on all
the engines). I'd love a tool that I didn't have to scrutinize the
output so hard, and be able concentrate on real threats right away.

--

"I don't like to discriminate against terrorists based on nationality.
If you declare war on the United States and you want to kill us,
We're going to kill you first, period."

October 19, 2011 - Ali Soufan (Colbert Report)

[G. Morgan]

David H. Lipman wrote:

>From: "G. Morgan" <sealteam6@osama-is-dead.net>
>
>> G. Morgan wrote:
>>
>>> David H. Lipman wrote:
>>>
>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>
>>>>> David H. Lipman wrote:
>>>>>
>>>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>>>
>>>>>>>
>>>>>>> All were false positives except this:
>>>>>>> savedsites\hxxp___mynews.ath.cx\http://www.vanbasco.com\downloads\va...ad_chinese.exe
>>>>>>> * Trojan.Crypt!IK
>>>>>>>
>>>>>>> It thought this file was bad :-(
>>>>>>> http://www.virustotal.com/file-scan/...f96-1321894516
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Please submit that file, if you still have it, to http://www.uploadmalware.com/
>>>>>
>>>>> Done.
>>>>>
>>>>> Came from:
>>>>>
>>>>> C:\cygwin\lib\python2.6\lib-dynload\_functools.dll
>>>>>
>>>>> detected: Trojan.Win32.Possador.AMN!A2
>>>>
>>>>
>>>> Looks like an Emsisoft (A2) False Positive detection. Cygwin tools are known for
>>>> generating occasional False Positives.
>>>
>>> Thanks for the confirmation. I left it alone.
>>
>> BTW... Are you in a position to contact Emsisoft and get them to correct
>> all these false-positives? They should not pick on Nirsoft or
>> Sysinternals tools. Someone who just "selected all" could **** up their
>> system based on all the false's. You really have to know what you're
>> doing to use that utility safely.
>>
>> I give it a 7/10, for excellent detection but lost points for false
>> positives.
>>
>> Can not recommend to end-users.
>>
>
>I could if you really want me to.

That's up to you dude. You're in a good position to update F.P. litz,
since you're dealing with it all day. I was just sayin' if you were
able to make your scanner omit non-threats (cookies and techtools) and
only deal with a bona-fide threat; I'd pay $10-$20 for something like
that that gets updated. You would have to figure out if worth your time
and effort. (and who would buy it)




--

"I don't like to discriminate against terrorists based on nationality.
If you declare war on the United States and you want to kill us,
We're going to kill you first, period."

October 19, 2011 - Ali Soufan (Colbert Report)

[David H. Lipman]

From: "G. Morgan" <sealteam6@osama-is-dead.net>

> BTW... Are you in a position to contact Emsisoft and get them to correct
> all these false-positives? They should not pick on Nirsoft or
> Sysinternals tools. Someone who just "selected all" could **** up their
> system based on all the false's. You really have to know what you're
> doing to use that utility safely.
>
> I give it a 7/10, for excellent detection but lost points for false
> positives.
>
> Can not recommend to end-users.
>

F/P submitted.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

[Bullwinkle.]

From: Gramsterdam <sealteam6@osama-is-dead.net>
Newsgroups: alt.politics.scorched-earth
Subject: You all disgust me
Date: Mon, 17 Oct 2011 04:59:09 -0500
Organization: Send me your seeds
Lines: 21
Message-ID: <4hun971irniehmlheuknqftj18q9hkg3qc@Osama-is-dead.net>
Reply-To: sealteam6@osama-is-dead.net
NNTP-Posting-Host:
NTM2MTZjNzQ2NTY0NWY1ZjgzZDFjNDBjMzEyODQ5NWI3NTU1NT IzZmI4N2FjMjc1Y2JjYjkwNGUxZTQyZjY1OQ==
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Trace: news2.open-news-network.org
eJwNyMERACEIA8CWgAQ05QiO/Zdwt89NlNcsVhbz5bNBb8zLdZvoUe3SCGXW9zhn6iqDy7b8KJz vv2ZYDOnshDYcCGmJ+AC31RhI
(17 Oct 2011 09:59:03 GMT)
X-Complaints-To: abuse@open-news-network.org
NNTP-Posting-Date: Mon, 17 Oct 2011 09:59:03 +0000 (UTC)
X-User-ID:
NTM2MTZjNzQ2NTY0NWY1ZjBhZDY3YWU2ZDkwMTU5NWFhZWNkMm FlM2NlZDRmZGE2Yjk3ZTdhYmZiNzgyYzYzODZkNjAzNDUzY2Ux MThjYzA=
X-No-Archive: yes
X-Newsreader: Forte Agent 6.00/32.1186
Cancel-Lock: sha1:tSe5sI/EQkuX5NEV5PEFbfzsyGU=
Path:
x-privat.org!newsfeed.x-privat.org!feeder.erje.net!newsfeed.freenet.ag!new s.babsi.de!open-news-network.org!news2.open-news-network.org!not-for-mail
Xref: news.x-privat.org alt.politics.scorched-earth:95368

I WILL be un subscribing to this group. I will trust (yeah right) that
no one will attempt to summon me for a fight.

Goodbye, you misfits.

I thought I was bad in pushing the extreme, obviously I'm over/under
classed. At least mine were in jest, you people are just mean.

The ones I emailed can continue, as well as Ron if he wants to. The
rest of you may go to hell as far as I'm concerned. I have NEVER seen
such a mean sprited NG with all my years doing this (and I've seen it
all).

I will wait 24 hours before I unsubscibe to see what smart-ass **** I
get back.






"G. Morgan" <sealteam6@osama-is-dead.net> wrote in message
news:02snc75gs13fhu7or2nj4tifsv19qjj339@Osama-is-dead.net...
David H. Lipman wrote:

>From: "G. Morgan" <sealteam6@osama-is-dead.net>
>
>> G. Morgan wrote:
>>
>>> David H. Lipman wrote:
>>>
>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>
>>>>> David H. Lipman wrote:
>>>>>
>>>>>> From: "G. Morgan" <sealteam6@osama-is-dead.net>
>>>>>>
>>>>>>>
>>>>>>> All were false positives except this:
>>>>>>> savedsites\hxxp___mynews.ath.cx\http://www.vanbasco.com\downloads\va...ad_chinese.exe
>>>>>>> * Trojan.Crypt!IK
>>>>>>>
>>>>>>> It thought this file was bad :-(
>>>>>>> http://www.virustotal.com/file-scan/...f96-1321894516
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Please submit that file, if you still have it, to
>>>>>> http://www.uploadmalware.com/
>>>>>
>>>>> Done.
>>>>>
>>>>> Came from:
>>>>>
>>>>> C:\cygwin\lib\python2.6\lib-dynload\_functools.dll
>>>>>
>>>>> detected: Trojan.Win32.Possador.AMN!A2
>>>>
>>>>
>>>> Looks like an Emsisoft (A2) False Positive detection. Cygwin tools are
>>>> known for
>>>> generating occasional False Positives.
>>>
>>> Thanks for the confirmation. I left it alone.
>>
>> BTW... Are you in a position to contact Emsisoft and get them to correct
>> all these false-positives? They should not pick on Nirsoft or
>> Sysinternals tools. Someone who just "selected all" could **** up their
>> system based on all the false's. You really have to know what you're
>> doing to use that utility safely.
>>
>> I give it a 7/10, for excellent detection but lost points for false
>> positives.
>>
>> Can not recommend to end-users.
>>
>
>I could if you really want me to.

That's up to you dude. You're in a good position to update F.P. litz,
since you're dealing with it all day. I was just sayin' if you were
able to make your scanner omit non-threats (cookies and techtools) and
only deal with a bona-fide threat; I'd pay $10-$20 for something like
that that gets updated. You would have to figure out if worth your time
and effort. (and who would buy it)




--

"I don't like to discriminate against terrorists based on nationality.
If you declare war on the United States and you want to kill us,
We're going to kill you first, period."

October 19, 2011 - Ali Soufan (Colbert Report)

[~BD~]

David H. Lipman wrote:
> From: "G. Morgan"<sealteam6@osama-is-dead.net>
>
>> BTW... Are you in a position to contact Emsisoft and get them to correct
>> all these false-positives? They should not pick on Nirsoft or
>> Sysinternals tools. Someone who just "selected all" could **** up their
>> system based on all the false's. You really have to know what you're
>> doing to use that utility safely.
>>
>> I give it a 7/10, for excellent detection but lost points for false
>> positives.
>>
>> Can not recommend to end-users.
>>
>
> F/P submitted.


To whom has the F/P been submitted?

Emisoft?

I don't understand why David Lipman is better placed than G. Morgan to
report matters.

Plenty of contact information here:-

http://www.emsisoft.com/en/support/contact/

[G. Morgan]

~BD~ wrote:

>I don't understand why David Lipman is better placed than G. Morgan to
>report matters.

His reputation precedes him, so they may actually read the email and fix
it.

Maybe they have some employees watching here for feedback, who knows.

--

"I don't like to discriminate against terrorists based on nationality.
If you declare war on the United States and you want to kill us,
We're going to kill you first, period."

October 19, 2011 - Ali Soufan (Colbert Report)

[Bullwinkle.]

Translation: They have me blocked.

"G. Morgan" <sealteam6@osama-is-dead.net> wrote in message
news:4ehpc7pmthsgvvbi7atn8frvjdtr92d2a9@Osama-is-dead.net...

His reputation precedes him, so they may actually read the email and fix
it.

Maybe they have some employees watching here for feedback, who knows.

[Bullwinkle.]

LOL You on drink again?

Damn you is slow...

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:jaif98$rhd$1@dont-email.me...

I don't understand why David Lipman is better placed than G. Morgan to
report matters.

[David H. Lipman]

From: "G. Morgan" <sealteam6@osama-is-dead.net>

> ~BD~ wrote:
>
>> I don't understand why David Lipman is better placed than G. Morgan to
>> report matters.
>
> His reputation precedes him, so they may actually read the email and fix
> it.
>
> Maybe they have some employees watching here for feedback, who knows.
>

It is done already. F/P was negated.

http://www.virustotal.com/file-scan/...f96-1322055536

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp