FYI: Avira reacted about "Shutdown Windows" servers" as malware

They told me by email, that they're scanning intentionally for "Shutdown
Windows' servers", and that they don't want to stop this.

I set them a target until next Monday to stop doing so. Afterwards I'm
intending to engage a lawyer.

The original text in German reads:

---------------------------- snip --------------------------------------
Die von Ihnen eingesendete Datei wird von AntiVir in Zukunft als
'SPR/Tool.KillService' erkannt. Es handelt sich hierbei um keinen
Fehlalarm.

Bitte beachten Sie, dass Security Privacy Risk für möglicherweise
schädliche Software steht.

Die Datei wird nicht direkt als Virus bezeichnet, sie bietet aber die
Möglichkeit, schädliche Prozessabläufe zu generieren - in diesem Fall
das Beenden von Diensten.

Die Erkennung von SPR (Security Privacy Risk) kann aus der Virensuche
ausgeschlossen werden.

Überprüfte Datei(en):
http://www.dingens.org/win32sec.exe
---------------------------- snap --------------------------------------

Yours,
VB.
--
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

Ralph Angenendt in debate@ccc.de

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article ,
> void@nowhere.lan says...
> > In article <44d74c7e@news.uni-ulm.de>, bumens@dingens.org says...
> > > They told me by email, that they're scanning intentionally for "Shutd=
own
> > > Windows' servers", and that they don't want to stop this.
> > >
> > > I set them a target until next Monday to stop doing so. Afterwards I'm
> > > intending to engage a lawyer.
> > >
> > > The original text in German reads:
> > >
> > > ---------------------------- snip -----------------------------------=
---
> > > Die von Ihnen eingesendete Datei wird von AntiVir in Zukunft als
> > > 'SPR/Tool.KillService' erkannt. Es handelt sich hierbei um keinen
> > > Fehlalarm.
> > >
> > > Bitte beachten Sie, dass Security Privacy Risk für möglicherweise
> > > schädliche Software steht.
> > >
> > > Die Datei wird nicht direkt als Virus bezeichnet, sie bietet aber die
> > > Möglichkeit, schädliche Prozessabläufe zu generieren - in diese=
m Fall
> > > das Beenden von Diensten.
> > >
> > > Die Erkennung von SPR (Security Privacy Risk) kann aus der Virensuche
> > > ausgeschlossen werden.
> > >
> > > Überprüfte Datei(en):
> > > http://www.dingens.org/win32sec.exe
> > > ---------------------------- snap -----------------------------------=
---
> >
> > Finally, some real facts, we know know they are targeting the code that
> > VB is offering to the public.
> >
> > Now, the real question is why offer a program to shutdown services when
> > you can just document what services should be disabled
> >
> > It would seem to me that anyone getting this code could trick someone
> > into using it to cause problems on the unsuspecting.
>
> For those that don't read German, like me, translated by online free
> service:
>
> ---- translated text ----
>
> The file sent in by you is recognized of AntiVir in the future as a
> 'SPR/Tool.KillService'. It concerns herewith no false alarm. Please
> you note that Security Privacy Risk stands for possibly injurious
> software. The file is not designated directly as a virus, it offers
> however the possibility to generate injurious process flows - in this
> case the concluding of services. The recognition of SPR (Security
> Privacy Risk) can be excluded out of the viruses that which is sought.
>
> ---- end translation ----
>
> So, if I understand this properly, they are classifying it as a
> "Possible Risk" based on the function it provides.
>
> Are all of you VB supporters suggesting that the Code does NOT present
> any risk in any environment?
>
> --
>

I am suggesting that there shouldn't be a double standard. Lots of
software is a possible risk based on the function it provides.

And we know that the sensible thing is not to ban all potentially risky
software, but to allow ones that we know are not intended to be
harmful.

Furthermore, VB's program is not only "not intended to be harmful", and
itnended to be helpful. it actually prompts the user and makes clear
what it is doing.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <1154964561.035657.57970@p79g2000cwp.googlegroups.com>,
> q_q_anonymous@yahoo.co.uk says...
> >
> > Leythos wrote:

> > > So, if I understand this properly, they are classifying it as a
> > > "Possible Risk" based on the function it provides.
> > >
> > > Are all of you VB supporters suggesting that the Code does NOT present
> > > any risk in any environment?
> > >
> > > --
> > >
> >
> > I am suggesting that there shouldn't be a double standard. Lots of
> > software is a possible risk based on the function it provides.
>
> There is no double standard, vendors know to submit the products to
> malware detection vendors before it is released or to work with them so
> that their products are not falsely marked as malware.
>
> Why should one complain if they didn't pre-submit their code for
> testing/exclusion before releasing it?
>
> > And we know that the sensible thing is not to ban all potentially risky
> > software, but to allow ones that we know are not intended to be
> > harmful.
>
> How does a vendor determine what is "Intended" based on the number of
> users that may intend to do anything with a code? It seems to me that
> you can't be sure what people will do with something once it's released
> into the public domain, and that's the entire problem.
>

they can use their common sense. The same common sense that tells them
that the many easy to set up ftp servers are not viruses. The same
common sense that should tell them to whitelist any of gibson's
software - you even defended that.

> Discount that this is about VB, what if it was from "John Smith" and
> released into the public to do the same thing with no mention as to why
> it was released to public?
>

then one would investigate further. I suppose john smith has no
website, cvontact details, description of the program, or users? is he
anonymous too? is the program not open source?

Then I wouldn't think it's a problem to flag it as malware. I wouldn't
expect the Anti malware company to test it in a virtual machine.

But this is totally not the case

> > Furthermore, VB's program is not only "not intended to be harmful", and
> > itnended to be helpful. it actually prompts the user and makes clear
> > what it is doing.
>
> And the intent doesn't mean anything, at least not to malware detection
> vendors.
>

yes it does. That's why they allow Gibson's server shutdown programs,
that's why they allow many easy to set up ftp servers.

their software is supposed to detect malware, if it misidentifies a
program then it isn't operating correctly, and more seriously, if can
affect the individual adversely.

Gibson had a similar problem to VB, where some idiot that could program
wrote some sort of firewall, and every time it received an incoming
connection or maybe a port scan, it'd ALERTS the user, telling him he
was (or might be) being attacked, and for the next step, it lets him
click ok to send a report to the ISP of the attacker. Gibson's ISP got
lots of complaints! Fortunately for Gibson, he's a big fish(large user
base), quite well known. being attacked by a little fish.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:

>
> There is no double standard, vendors know to submit the products to
> malware detection vendors before it is released or to work with them so
> that their products are not falsely marked as malware.
>


There is no standard submition to all malware checkers.

Obviously if a vendor/innocent techie programmer submits if after the
program is released, he shouldn't expect an immediate change. But for
the next release, there should be a change.

In this case, VB did contact them, VB wrote
"They told me by email, that they're scanning intentionally for
"Shutdown
Windows' servers", and that they don't want to stop this. "

That is outrageous!!!

if they did say that then I think they're lying by saying they're
"scanning intentionally" for it. i.e. they don't have a bit of code to
identify VB's software.

Do they whitelist Gibson's server shutdown programs? If Volker's then
why not Gibson's?
note-
Gibson would kick their ass (it's often thought that he even pressures
microsoft to do things) or perhaps Gibson would give them publicity
that they don't deserve.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <1154970180.608368.303690@i3g2000cwc.googlegroups.com>,
> q_q_anonymous@yahoo.co.uk says...
> >
> > Leythos wrote:
> >
> > >
> > > There is no double standard, vendors know to submit the products to
> > > malware detection vendors before it is released or to work with them so
> > > that their products are not falsely marked as malware.
> > >
> >
> >
> > There is no standard submition to all malware checkers.
>
> If you care, you can find them, just start looking. Sure, there is no
> one submission for, it takes work, but if the program is worth something
> it should be worth the effort to make sure it's not seen as malware
> while acting as malware.
>
> > Obviously if a vendor/innocent techie programmer submits if after the
> > program is released, he shouldn't expect an immediate change. But for
> > the next release, there should be a change.
> >
> > In this case, VB did contact them, VB wrote
> > "They told me by email, that they're scanning intentionally for
> > "Shutdown
> > Windows' servers", and that they don't want to stop this. "
>
> Read what the vendor wrote, not what VB wrote. I use two translators and
> did not see anywhere that they were specifically targeting his
> application by name or function.
>
> I see that they are looking for malware and have identified his program
> as malware, that they have designated it as "Security Privacy Risk".
>
> > That is outrageous!!!
>
> Yes, I would have thought you would have understood what was written,
> try reading what they replied.
>
> > if they did say that then I think they're lying by saying they're
> > "scanning intentionally" for it. i.e. they don't have a bit of code to
> > identify VB's software.
>
> Neither of the German to Englist translations I did show them
> "Intentionally" scanning for his code.
>
> > Do they whitelist Gibson's server shutdown programs? If Volker's then
> > why not Gibson's?
>
> As yourself how Gibson got is code excluded - until you know how you
> don't have anything except for guesses and hype.
>

you don't know how he got his code excluded. Besides, private
communication is satisfactory to get the message across. If not, then
one would reasonably expect the "anti malware" people to point VB to
where to submit his code.

> > note-
> > Gibson would kick their ass (it's often thought that he even pressures
> > microsoft to do things) or perhaps Gibson would give them publicity
> > that they don't deserve.
>
> Until you determine the differences between Gibson's code and VB's code,

If you're claiming that there's a difference that warrants one being
icnluded and the other excluded, then you should back up that claim.
Even if they claim implementation as their concern. Which they may be
diong in their email to VB which you had translated (your
interpretation written after it mentioned only Function).
Function should be the concern, not implementation. If their algorithm
mistakenly picks up VBs they can have a whitelist.

> and how Gibson got his approved, you don't have much to say except for
> meaningless rants.
>
> --
>

I don't know if Gibson's is exempted. The point about Gibson being
exempted was a hang over from another post mentinoing statistics about
malware that exempts Gibson.

again, you are just saying "you don't know how Gibson got his
approved". Well, you're claiming or suggesting that they approved it
differently, and Gibson's method deserved approval, VB's doesn't.
Anyhow, I don't see why private communication isn't good enough. They
have got the message(that is the ultimate prupose of any official
submition mechanism).

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
[deleted]

> Read what the vendor wrote, not what VB wrote.

We did.

> I use two translators and did not see anywhere that they were
> specifically targeting his application by name or function.

That you don't understand German is your problem, not VB's/ours/
. I.e. don't, implicitly, call someone a liar, just because
you (apparently) can't get yourself to believe him, and 'have' to use
"translators".

[more of the same deleted]

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <44d77d20$0$22906$dbd43001@news.wanadoo.nl>,
> this@ddress.is.invalid says...
> > Leythos wrote:
> > [deleted]
> >
> > > Read what the vendor wrote, not what VB wrote.
> >
> > We did.
> >
> > > I use two translators and did not see anywhere that they were
> > > specifically targeting his application by name or function.
> >
> > That you don't understand German is your problem, not VB's/ours/
> > . I.e. don't, implicitly, call someone a liar, just because
> > you (apparently) can't get yourself to believe him, and 'have' to use
> > "translators".
> >
> > [more of the same deleted]
>
> I would be more than happy to read the text of the email, if you want to
> translate it for me, and the change my statement if it clearly shows
> that the translation was in error.

There's no point. It's no so much the translation, but your
interpretation of the translation. I.e. you are apparently unwilling to
accept that it actually says what VB says it says. I.e. it's just
another refusal to accept information which does not suit your agenda.

> I put it through two translators, just in case one didn't translate the
> words properly, and both said the same basic things, and they currently
> seem to support what I've been saying.

Not that it really matters in *this* case, but your notion that
automatic translation of natural languages is at all possible, let alone
reliable, is mind-boggling.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <1154970180.608368.303690@i3g2000cwc.googlegroups.com>,
> q_q_anonymous@yahoo.co.uk says...
> >
> > Leythos wrote:
> >
> > >
> > > There is no double standard, vendors know to submit the products to
> > > malware detection vendors before it is released or to work with them so
> > > that their products are not falsely marked as malware.
> > >
> >
> >
> > There is no standard submition to all malware checkers.
>
> If you care, you can find them, just start looking. Sure, there is no
> one submission for, it takes work, but if the program is worth something
> it should be worth the effort to make sure it's not seen as malware
> while acting as malware.
>
> > Obviously if a vendor/innocent techie programmer submits if after the
> > program is released, he shouldn't expect an immediate change. But for
> > the next release, there should be a change.
> >
> > In this case, VB did contact them, VB wrote
> > "They told me by email, that they're scanning intentionally for
> > "Shutdown
> > Windows' servers", and that they don't want to stop this. "
>
> Read what the vendor wrote, not what VB wrote. I use two translators and
> did not see anywhere that they were specifically targeting his
> application by name or function.
>
> I see that they are looking for malware and have identified his program
> as malware, that they have designated it as "Security Privacy Risk".
>
> > That is outrageous!!!
>
> Yes, I would have thought you would have understood what was written,
> try reading what they replied.
>
> > if they did say that then I think they're lying by saying they're
> > "scanning intentionally" for it. i.e. they don't have a bit of code to
> > identify VB's software.
>
> Neither of the German to Englist translations I did show them
> "Intentionally" scanning for his code.
>
> > Do they whitelist Gibson's server shutdown programs? If Volker's then
> > why not Gibson's?
>
> As yourself how Gibson got is code excluded - until you know how you
> don't have anything except for guesses and hype.
>
> > note-
> > Gibson would kick their ass (it's often thought that he even pressures
> > microsoft to do things) or perhaps Gibson would give them publicity
> > that they don't deserve.
>
> Until you determine the differences between Gibson's code and VB's code,
> and how Gibson got his approved, you don't have much to say except for
> meaningless rants.
>
> --
>

Gibson aside, and differing translations aside.

I don't know about you, but I would say with certainty that VB's
program is not malware, its's not malicious, it's run by a user that
doesn't need the servers, and it shuts down the servers to increase
security.

this anti malware company misidentify VB's program as malware when it
isn't malware.

By continuing to do so, and not CORRECT their software on the next
release, they do so intentionally.

the goal of an anti-malware app is to identify malware, or perhaps
programs where there is a risk that it is malware.
To identify VB's program as a potential risk (as if they are not sure
whether it is maliciosu or not) is wrong.
malware is not software that can be used for a bad purpose. You can use
a ton of programs for a bad purpose. Windows, format.com, dial up
networking, notepad, any small ftp server, VNC, anything and lots of
things.

VB's program is not malware.

They have the information to know that, and they continue to call it
malware.

It's irrelevant how the software is implemented. Their program is to
spot malware, not programs that have some implementation that is
similar to some malware but isn't malware.

if it isn't malware and they know it isn't, they should create an
exception for it. They have the inforamation, it's a very simple
amendment to make. A company that can write a virus checker is more
thna capable of makign the amendment FAST. They should already have a
file of exceptions.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <1154972949.826984.294390@m73g2000cwd.googlegroups.com>,
> q_q_anonymous@yahoo.co.uk says...
> >
> > Leythos wrote:
> > > In article <1154970180.608368.303690@i3g2000cwc.googlegroups.com>,
> > > q_q_anonymous@yahoo.co.uk says...
> > > >
> > > > Leythos wrote:


just to add..

> I don't see why you can't understand these simple things:
>
> 1) Code that acts like malware should be detected/flagged as malware.

not if it's not malware

> 2) Authors that don't want malware acting code detected/flagged as
> malware should contact AV vendors to get this resolved BEFORE it goes
> public.

says who? and where is the justice in that? how can a programmer know
of all anti-virus software that is going to pop up before the software
goes public? what about Norton AV, that was written LONG ago, should
programmers get a time machine?

A sensible thing is programmers tell AV writers and if the submitino is
valid, they correct it for their next release. They do update software
like that, it just goes in the bag of the updates.

> 3) When something acts like malware, it doesn't matter what the intended
> use of the author is, all that matters is if in the wrong hands can it
> do harm.

it doesn't even act like malware. It acts like an innocent program, and
it is.

only an algorithm that may confuse it with malware based on an
implementation detail in the code, may make that mistake. But it'd be
wrong. Hence exceptions would have to be made.

An old friend of mine once tried a virus checker which detected itself
as a virus. If the algorithm worked in that way it should have had an
exception for itself.


> 4) If the author doesn't care enough to do #2, then they have no reason
> to complain.

I don't see any basis for #2 or any justice to it. And I noted many
problems with it.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <44d7a142$0$14826$dbd4b001@news.wanadoo.nl>,
> this@ddress.is.invalid says...
>>
>> There's no point. It's no so much the translation, but your
>> interpretation of the translation. I.e. you are apparently unwilling to
>> accept that it actually says what VB says it says. I.e. it's just
>> another refusal to accept information which does not suit your agenda.
>
> I'm quite willing to accept that the translation is wrong, that's why I
> did two different G>E engines to see what they would come out with. Both
> came out with the same meaning. I already asked for anyone to provide a
> better translation I could check.
>

You missed his point. A computer cannot properly translate one language
to the other with all the idiom and intent of the original language. It
can tell you that word A means B according to its dictionary, but it
cannot deal with the intricacies of a language. For example, there is
a phrase in Spanish that when directly translated would say "He's a good
egg" when what is really meant is "He's a good man". This is why there
are still professional human translators in this day and age. "Lost in
translation" is not just a saying when it comes to computer translations.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
[deleted]

> When I read a post that is biased, stating that the big bad guys are
> going after me, I look for unbiased confirmation - nothing in his post,
> and nothing in this entire thread indicates that the AV vendors are
> going after the coder (VB), only a threat capable program. I would not
> believe anyone posting in Usenet/Blocks about an injustice I could not
> verify myself, only a fool would.

What you fail to understand/accept is that you *cannot* have read such
a post for the simple reason that it was never written.

The personal vendetta scenario, like the "Why was VB's code detected
as malware?" (non-)question, only exist in your head. They were never
written by any of us (TINU) and simply are non-issues.

So to make it simple for you:

- We don't think anyone is going after VB, i.e. no personal vendetta.

- We don't care why VB's codes are detected. We only care *that* they
are detected and think that they should have been whitelisted (by the
AV 'vendors') or not detected (because, as the AV vendors should have
determined, neither *is* malware).

- We don't care that you think they should be detected (and not
whitelisted). I.e. we disagree with your opinion.

Got it now? Any questions?

[deleted]

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <44d8a3ae$0$66768$dbd45001@news.wanadoo.nl>,
> this@ddress.is.invalid says...
> > Leythos wrote:
> > [deleted]
> >
> > > When I read a post that is biased, stating that the big bad guys are
> > > going after me, I look for unbiased confirmation - nothing in his post,
> > > and nothing in this entire thread indicates that the AV vendors are
> > > going after the coder (VB), only a threat capable program. I would not
> > > believe anyone posting in Usenet/Blocks about an injustice I could not
> > > verify myself, only a fool would.
> >
> > What you fail to understand/accept is that you *cannot* have read such
> > a post for the simple reason that it was never written.
> >
> > The personal vendetta scenario, like the "Why was VB's code detected
> > as malware?" (non-)question, only exist in your head. They were never
> > written by any of us (TINU) and simply are non-issues.
> >
> > So to make it simple for you:
> >
> > - We don't think anyone is going after VB, i.e. no personal vendetta.
> >
> > - We don't care why VB's codes are detected. We only care *that* they
> > are detected and think that they should have been whitelisted (by the
> > AV 'vendors') or not detected (because, as the AV vendors should have
> > determined, neither *is* malware).
> >
> > - We don't care that you think they should be detected (and not
> > whitelisted). I.e. we disagree with your opinion.
> >
> > Got it now? Any questions?
>
> Hey, you got it almost all right, but the other people in this thread
> seem to be saying that they (vendors) are specifically targeting VB, as
> well as VB's initial post about this problem suggesting it (please read
> the Nasty Propaganda thread, first post by VB).....

"seem to be saying"? Again you are 'reading' stuff which was never
written. No-one ever said that the vendors are specifically targeting
VB. As I said, it's only in *your* head, no in anyone else's, nor in
their postings.

If you think otherwise then *cite*.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

[Quoting in full to give you another chance to read.]

Leythos wrote:
> In article <44d9d0f2$0$14912$dbd45001@news.wanadoo.nl>,
> this@ddress.is.invalid says...
> > Leythos wrote:
> > > In article <44d8a3ae$0$66768$dbd45001@news.wanadoo.nl>,
> > > this@ddress.is.invalid says...
> > > > Leythos wrote:
> > > > [deleted]
> > > >
> > > > > When I read a post that is biased, stating that the big bad
> > > > > guys are going after me, I look for unbiased confirmation -
> > > > > nothing in his post, and nothing in this entire thread
> > > > > indicates that the AV vendors are going after the coder (VB),
> > > > > only a threat capable program. I would not believe anyone
> > > > > posting in Usenet/Blocks about an injustice I could not verify
> > > > > myself, only a fool would.
> > > >
> > > > What you fail to understand/accept is that you *cannot* have
> > > > read such a post for the simple reason that it was never
> > > > written.
> > > >
> > > > The personal vendetta scenario, like the "Why was VB's code
> > > > detected as malware?" (non-)question, only exist in your head.
> > > > They were never written by any of us (TINU) and simply are
> > > > non-issues.
> > > >
> > > > So to make it simple for you:
> > > >
> > > > - We don't think anyone is going after VB, i.e. no personal
> > > > vendetta.
> > > >
> > > > - We don't care why VB's codes are detected. We only care *that*
> > > > they are detected and think that they should have been
> > > > whitelisted (by the AV 'vendors') or not detected (because, as
> > > > the AV vendors should have determined, neither *is* malware).
> > > >
> > > > - We don't care that you think they should be detected (and not
> > > > whitelisted). I.e. we disagree with your opinion.
> > > >
> > > > Got it now? Any questions?
> > >
> > > Hey, you got it almost all right, but the other people in this
> > > thread seem to be saying that they (vendors) are specifically
> > > targeting VB, as well as VB's initial post about this problem
> > > suggesting it (please read the Nasty Propaganda thread, first post
> > > by VB).....
> >
> > "seem to be saying"? Again you are 'reading' stuff which was never
> > written. No-one ever said that the vendors are specifically
> > targeting VB. As I said, it's only in *your* head, no in anyone
> > else's, nor in their postings.
> >
> > If you think otherwise then *cite*.
>
> Please go back and read it for yourself - VB in his first post
> suggested it, as have several people in the other thread. If you can't
> read the two threads I'm not going back through each post for you,
> it's all there for your friend - google should make it easy for you to
> find.

Please try to *read* will you? "suggested" is in the same arena as
"seems to be saying", i.e. you're *implying* something which *never
happened*. If you think otherwise, the burden of proof is on you, and
you will have to provide specific cites (together with your
interpretation of those cites).

And please don't ask us to go back and read stuff, because it's
imposible to read stuff which was never written (and we have already
read, and -contrary to you - understood, what *was* written).

Bottom line: *Cite* or shut up [1].

[1] This is not my normal style, but you seem to need this kind of
clarity/bluntness.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <44d9ef4e$0$2584$dbd45001@news.wanadoo.nl>,
> this@ddress.is.invalid says...
> > And please don't ask us to go back and read stuff, because it's
> > imposible to read stuff which was never written (and we have already
> > read, and -contrary to you - understood, what *was* written).
> >
> > Bottom line: *Cite* or shut up [1].
> >
> > [1] This is not my normal style, but you seem to need this kind of
> > clarity/bluntness.
>
> Seems strange that you want to change the history of the threads, but
> you don't want to go back and check yourself.
>
> I think it is your style, trolling, as you claim something that is
> clearly on record for all to see, as not existing. You only have to fear
> yourself, others can see it if you can't.
>
> If you are not willing to check yourself, then to use your own words
> "Shut up".

Again, one can not "check yourself" something which doesn't exist. One
can not prove that something does not exist, only that something does
exist. Since you claim these postings exist (and I say they don't), as
I said before (and you, once more, 'conveniently' snipped), the burden
of proof is on you. Sorry, Logic 101.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Leythos wrote:
> In article <44da3314$0$81102$dbd49001@news.wanadoo.nl>,
> this@ddress.is.invalid says...
> > Leythos wrote:
> > > In article <44d9ef4e$0$2584$dbd45001@news.wanadoo.nl>,
> > > this@ddress.is.invalid says...
> > > > And please don't ask us to go back and read stuff, because it's
> > > > imposible to read stuff which was never written (and we have already
> > > > read, and -contrary to you - understood, what *was* written).
> > > >
> > > > Bottom line: *Cite* or shut up [1].
> > > >
> > > > [1] This is not my normal style, but you seem to need this kind of
> > > > clarity/bluntness.
> > >
> > > Seems strange that you want to change the history of the threads, but
> > > you don't want to go back and check yourself.
> > >
> > > I think it is your style, trolling, as you claim something that is
> > > clearly on record for all to see, as not existing. You only have to fear
> > > yourself, others can see it if you can't.
> > >
> > > If you are not willing to check yourself, then to use your own words
> > > "Shut up".
> >
> > Again, one can not "check yourself" something which doesn't exist. One
> > can not prove that something does not exist, only that something does
> > exist. Since you claim these postings exist (and I say they don't), as
> > I said before (and you, once more, 'conveniently' snipped), the burden
> > of proof is on you. Sorry, Logic 101.
>
> That's like you stating the world is flat when there is evidence to
> prove it's not, but since you're not willing to travel or look at a
> picture, that you're going to continue to deny the facts.
>
> Logic, as you noted, does not seem to be a strong area for you.

Well, this circular reasoning and PKB each way won't bring us
anywhere, so let's wait what the response(s) is/are, if any, to your
recent response to
VB. After all, he is the only one who can clarify what he meant with
what he wrote. I think it was blindingly obvious, but you seem to think
otherwise, and now are contemplating whether it's a language difference
(which I don't think it is).

Meanwhile, it's mind-boggling that you seem to think that something
(which you say) someone is "suggesting" can at the same time be a
"fact". Probably that's a "language difference" as well.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Frank Slootweg wrote:
> Well, this circular reasoning and PKB each way won't bring us
> anywhere, so let's wait what the response(s) is/are, if any, to your
> recent response to
> VB. After all, he is the only one who can clarify what he meant with
> what he wrote.

Hi, Frank,

sorry, but such threads with "Leythos" I already had enough myself. I'm
not reading him any more, and I did not follow you, what you discussed
here.

If I can clarify something for you, Frank, I would be pleased to do so.
Just ask a concrete question, please ;-)

> Meanwhile, it's mind-boggling that you seem to think that something
> (which you say) someone is "suggesting" can at the same time be a
> "fact". Probably that's a "language difference" as well.

In conjunction with "Leythos", I'd suggest you to read the description of
the term "kook" in Jargon File.

Yours,
VB.
--
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

Ralph Angenendt in debate@ccc.de

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

"Leythos" wrote in message
news:MdJCg.46056$vl5.8495@tornado.ohiordc.rr.com...
> In article <44db5bfe@news.uni-ulm.de>, bumens@dingens.org says...
> > Frank Slootweg wrote:
> > > Well, this circular reasoning and PKB each way won't bring us
> > > anywhere, so let's wait what the response(s) is/are, if any, to your
> > > recent response to
> > > VB. After all, he is the only one who can clarify what he meant with
> > > what he wrote.
> >
> > Hi, Frank,
> >
> > sorry, but such threads with "Leythos" I already had enough myself. I'm
> > not reading him any more, and I did not follow you, what you discussed
> > here.
> >
> > If I can clarify something for you, Frank, I would be pleased to do so.
> > Just ask a concrete question, please ;-)
> >
> > > Meanwhile, it's mind-boggling that you seem to think that something
> > > (which you say) someone is "suggesting" can at the same time be a
> > > "fact". Probably that's a "language difference" as well.
> >
> > In conjunction with "Leythos", I'd suggest you to read the description of
> > the term "kook" in Jargon File.
>
> Which appears to fully describe yourself - as you seem to indicate that
> vendors are personally targeting your code, which has not been proven at
> all.

No Leythos. I cannot see a post in this thread in which Volker says (or even
implies) that anyone (AV vendors or otherwise) is targeting him personally.
However it's possible I've missed such a post so please do cite it if there is
one.

What _has_ been proven is that a particular executable was included in the
signature database of at least one virus scanner and that that signature has now
been (or will be) removed.

Jason

>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Volker Birk wrote:
[deleted]

> If I can clarify something for you, Frank, I would be pleased to do so.

Thanks, but I do not need any clarification. As I said, what you wrote
is (IMO) blindingly obvious! :-)

> Just ask a concrete question, please ;-)

"a concrete question"? On *Usenet*? We can't have *that*, can we? Next
you'll give a concrete answer. What would be the fun in that? :-)

[deleted]

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

"Leythos" wrote in message
news:IHKCg.46066$vl5.43895@tornado.ohiordc.rr.com...
> In article <4k16quFa0sdaU1@individual.net>, none@invalid.invalid says...
> [snip]
> > What _has_ been proven is that a particular executable was included in the
> > signature database of at least one virus scanner and that that signature has
now
> > been (or will be) removed.
>
> Here is the only important part of this thread, which has been my
> position all along.

But we only found out recently that the signature has been (or will be) removed.
We knew it had been included when we read Volker's first post on the subject.

> As you will not, it does not indicate how or why
> this happened, does not show anything personal in intent.

That's because I wrote it and did not include any such things in it.

It's beyond me why this (and other) threads took so long but I'm not a
psychologist.

>
> Thanks

Glad to be of service.

Jason

>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

On Thu, 10 Aug 2006 19:53:22 GMT, Leythos wrote:


>I stated that I don't believe the Windows Firewall is adequate for any
>real protection and that one of VB's POC's didn't work as he indicated,
>on a properly configured computer - and that got me plonked by VB (which
>is fine with me).

Don't forget to add that when I kindly asked you for references to
what configuration you were referring to you refused to provide that -
and turned to silly "go search on the MS site for yourself" and "you
never really wanted to know the truth" kind of stuff. Now you tell me
why I should take you seriously.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

B. Nice wrote:
> On Thu, 10 Aug 2006 19:53:22 GMT, Leythos wrote:
>
> >I stated that I don't believe the Windows Firewall is adequate for any
> >real protection and that one of VB's POC's didn't work as he indicated,
> >on a properly configured computer - and that got me plonked by VB (which
> >is fine with me).
>
> Don't forget to add that when I kindly asked you for references to
> what configuration you were referring to you refused to provide that -
> and turned to silly "go search on the MS site for yourself" and "you
> never really wanted to know the truth" kind of stuff. Now you tell me
> why I should take you seriously.

Hmmm!? Does that mean that those references/documents don't exist
either? I.e. like the stuff which VB supposedly wrote but never did.

Do we see a pattern here? Or perhaps even a signature? But, ...
nothing personal!

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Frank Slootweg wrote:
> > Just ask a concrete question, please ;-)
> "a concrete question"? On *Usenet*? We can't have *that*, can we? Next
> you'll give a concrete answer. What would be the fun in that? :-)

*G*

VB.
--
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

Ralph Angenendt in debate@ccc.de

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

On Thu, 10 Aug 2006 21:07:21 GMT, Leythos wrote:

>In article <6v4nd295i17obh2uvornngbu13al49fr93@4ax.com>,
>b__nice@hotmail.com says...
>> On Thu, 10 Aug 2006 19:53:22 GMT, Leythos wrote:
>>
>>
>> >I stated that I don't believe the Windows Firewall is adequate for any
>> >real protection and that one of VB's POC's didn't work as he indicated,
>> >on a properly configured computer - and that got me plonked by VB (which
>> >is fine with me).
>>
>> Don't forget to add that when I kindly asked you for references to
>> what configuration you were referring to you refused to provide that -
>> and turned to silly "go search on the MS site for yourself" and "you
>> never really wanted to know the truth" kind of stuff. Now you tell me
>> why I should take you seriously.
>
>Please don't, as you've shown you don't care or want too. I don't care
>if you or your buddies read or care about anything I write, ever. I've
>seen how you guys twist words/meaning and how you ignore facts.

Plain BS. At that time I clearly stated that I was actually trying to
understand your opinion. That's a fact - and it's there for everybody
to see. You just choose once again to go around in circles, twisting
words and meanings instead of just providing a link or a description
on how to configure a system so the POC code does not work. And you
talk about honesty. *sigh*

I rest my case.

Re: FYI: Avira reacted about "Shutdown Windows" servers" as malware

Post removed (X-No-Archive: yes)