You are Here:
Linux Lite 6.4 RC1 Released - See the Release Announcements Forum section



Virus Detected on Lite 2.6 Wallpapers

Author (Read 16886 times)

0 Members and 1 Guest are viewing this topic.

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #9 on: September 04, 2015, 08:50:06 PM »
 

rokytnji

  • Friganeer
  • Platinum Level Poster
  • **********
  • 1255
    Posts
  • Reputation: 138

  • Linux Lite: 3.6 64bit

  • CPU: Intel Core2 Duo U9600

  • MEMORY: 4Gb

  • VIDEO CARD: Intel Mobile 4
Trying a different route with

http://scanthis.net/

which uses

Quote
ScanThis is powered by the open source and industry-recognised Clam AV software.

because the file info is not informative at all to me . There is no .exe in it just for starters.
Since the file in question is entrance.jpg.
I am only uploading that one to be scanned presently.
It is still scanning as I type this post out. So will wait to see what is what for sure.
That injected code the other site showed was just jumbled html code which I cannot decipher.

Sure is taking a long long time to scan one .jpg. Must be a zillion virus signatures to look for I guess.



Ok. Got tired of waiting so went to

https://www.metascan-online.com/#!/results/file/c15d48726a80498490d8b8b1e8cfe6da/regular



So my uneducated conclusion is that entrance.jpg in /usr/share/backgrounds/xfce/entrance.jpg is tainted somehow since double checked on another site  and I am going to delete it of all my boxes/installs.

It can't hurt to do so. Plus. If you look at my screenshots. I never use the default stuff anyways.


Up to the team to decide where to take this from here. I can only speak for myself.


Because. Even after all that. You still get


Quote


Only a few scan engines detected this file as a threat. If you think it might be a false positive, find out how to contact the engine vendor on our blog


Edit> I am closing the scan this tab open right now. It is still not done scanning and my patience aint what it used to be.



« Last Edit: September 04, 2015, 08:58:50 PM by rokytnji »
LL 3.6,2.8
Dell XT2 > Touchscreen Laptop
Dell 755 > Desktop
Acer 150 > Desktop
I am who I am. Your approval is not needed.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #8 on: September 04, 2015, 08:12:33 PM »
 

avj

  • Gold Level Poster
  • *******
  • 530
    Posts
  • Reputation: 110
  • Linux Lite Member

  • Linux Lite: 2.8 64bit

  • CPU: Dual core Intel Pentium D 2.80GHz

  • MEMORY: 2Gb

  • VIDEO CARD: AMD/ATI RC410 Radeon Xpress 200/1100
If you click on the link I provided for more info, and then click on the "File detail" tab it states:  The file being studied is an image file! More specifically, it is a JPEG. The image has been injected with malicious web content.

In the box right below that statement is what appears to be the code that was injected into the file.
I have not failed. Ive just found 10,000 ways that wont work. - Thomas Edison
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #7 on: September 04, 2015, 07:53:44 PM »
 

anon222

  • Muted
  • Gold Level Poster
  • *
  • 688
    Posts
  • Reputation: 192
  • Linux Lite Member

  • CPU: Dual core Pentium E5700 3GHz

  • MEMORY: 3Gb

  • VIDEO CARD: GeForce GT 430
I have been able to verify this as being flagged by https://www.virustotal.com/en/

The file in question is :  /usr/share/backgrounds/xfce/Entrance.jpg

it was identified by 7 of the 56 scans at virus total as the following:

AVware                              Trojan.Win32.Jpgiframe (v)                           20150901
AhnLab-V3                          HEUR/Iframe                                              20150904
Bkav                                 W32.HfsJPEG.D0FF                                       20150904
Cyren                                HTML/IFRAME.gen                                        20150904
F-Prot                                HTML/IFRAME.gen                                        20150904
NANO-Antivirus                   Trojan.Html.Heuristic-script.cadouz                 20150904
VIPRE                                Trojan.Win32.Jpgiframe (v)                            20150904

more info at:

https://www.virustotal.com/en/file/650d430d3ce9d90784f88bbe8e1aa056631e67de66072d03e6331e51f0d9d6cb/analysis/1441406529/
From that list I've heared about F-prot and VIPRE.
I'm not an expert on viruses. Could be false positive.
Did the check on LL 2.2 also.
https://www.virustotal.com/en/file/1dc15dfe32b6e563024a77cdd15a3de194d4756ce720d83b39417e19fa872b7f/analysis/1441398029/
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #6 on: September 04, 2015, 07:25:13 PM »
 

rokytnji

  • Friganeer
  • Platinum Level Poster
  • **********
  • 1255
    Posts
  • Reputation: 138

  • Linux Lite: 3.6 64bit

  • CPU: Intel Core2 Duo U9600

  • MEMORY: 4Gb

  • VIDEO CARD: Intel Mobile 4
Weird how comodo, AVG,Avast,ClamAV, Eset-Nod 32, among others give a green check and pass on that file.
Not being a virus expert myself.

With the r/h devel scale practically in the middle with 0   0 on the guage.
No wonder I only use Windows to tune Motorcycles and only for that purpose.

LL 3.6,2.8
Dell XT2 > Touchscreen Laptop
Dell 755 > Desktop
Acer 150 > Desktop
I am who I am. Your approval is not needed.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #5 on: September 04, 2015, 07:05:55 PM »
 

avj

  • Gold Level Poster
  • *******
  • 530
    Posts
  • Reputation: 110
  • Linux Lite Member

  • Linux Lite: 2.8 64bit

  • CPU: Dual core Intel Pentium D 2.80GHz

  • MEMORY: 2Gb

  • VIDEO CARD: AMD/ATI RC410 Radeon Xpress 200/1100
I have been able to verify this as being flagged by https://www.virustotal.com/en/

The file in question is :  /usr/share/backgrounds/xfce/Entrance.jpg

it was identified by 7 of the 56 scans at virus total as the following:

AVware                              Trojan.Win32.Jpgiframe (v)                           20150901
AhnLab-V3                          HEUR/Iframe                                              20150904
Bkav                                 W32.HfsJPEG.D0FF                                       20150904
Cyren                                HTML/IFRAME.gen                                        20150904
F-Prot                                HTML/IFRAME.gen                                        20150904
NANO-Antivirus                   Trojan.Html.Heuristic-script.cadouz                 20150904
VIPRE                                Trojan.Win32.Jpgiframe (v)                            20150904

more info at:

https://www.virustotal.com/en/file/650d430d3ce9d90784f88bbe8e1aa056631e67de66072d03e6331e51f0d9d6cb/analysis/1441406529/
I have not failed. Ive just found 10,000 ways that wont work. - Thomas Edison
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #4 on: September 04, 2015, 03:49:25 PM »
 

vagnerafonso

  • New to Forums
  • *
  • 5
    Posts
  • Reputation: 2
  • Linux Lite Member

  • CPU: Core2Duo

  • MEMORY: 4Gb

  • VIDEO CARD: ATI Radeon HD
Greetings,

Thank you for this information.  I've uploaded the wallpaper archive using my outlook.com account and it uploaded without issue. I appreciate the feedback and information.

Thanks
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #3 on: September 04, 2015, 03:35:14 PM »
 

rokytnji

  • Friganeer
  • Platinum Level Poster
  • **********
  • 1255
    Posts
  • Reputation: 138

  • Linux Lite: 3.6 64bit

  • CPU: Intel Core2 Duo U9600

  • MEMORY: 4Gb

  • VIDEO CARD: Intel Mobile 4
Gmail gives false positives to err on the side of caution.  They would not take zome zipped up text files of mine for Icewm folder in ~/.icewm that I tried to save.

Gmail is weird like that.

I am not saying there might be a virus embedded in the image since I do not know yet.

https://www.virustotal.com/
LL 3.6,2.8
Dell XT2 > Touchscreen Laptop
Dell 755 > Desktop
Acer 150 > Desktop
I am who I am. Your approval is not needed.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #2 on: September 04, 2015, 03:10:29 PM »
 

torreydale

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1581
    Posts
  • Reputation: 261
  • * Forum Moderator *

  • Linux Lite: 6.2 64bit

  • CPU: Intel i5-5300U (4) @ 2.900GHz

  • MEMORY: 8Gb

  • VIDEO CARD: Intel HD Graphics 5500

  • Kernel: 5.x
You should probably include screenshots of the warning and of the actual archive.
Want to thank me?  Click my [Thank] link.
 

Virus Detected on Lite 2.6 Wallpapers
« Reply #1 on: September 04, 2015, 02:44:03 PM »
 

vagnerafonso

  • New to Forums
  • *
  • 5
    Posts
  • Reputation: 2
  • Linux Lite Member

  • CPU: Core2Duo

  • MEMORY: 4Gb

  • VIDEO CARD: ATI Radeon HD
Greetings,

I recently downloaded Lite 2.6 32Bit and booted it up in Virtual Box.  I grabbed all of the wallpapers located in /usr/share/backgrounds/xfce and created a .zip archive.  When I went to email that archive to myself via Gmail, Google warned me that there was a virus detected. I wanted to bring this up with the community and hopefully someone would have an answer as to why this occurred.

Thank you

ScreenShots



« Last Edit: November 04, 2017, 06:27:31 PM by vagnerafonso »
 

 

-->
X Close Ad

Linux Lite 6.4 RC1 Released - See the Release Announcements Forum section