Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[JOKE] A virus in Portage tarball!
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
Ch00k
n00b
n00b


Joined: 02 May 2009
Posts: 55

PostPosted: Sun Nov 08, 2009 9:41 pm    Post subject: [JOKE] A virus in Portage tarball! Reply with quote

Avira found a piece of malware in portage tarball.
http://pic.ipicture.ru/uploads/091109/rTFzz1mw7b.png
Nice :roll:
_________________
To have no errors
Would be life without meaning
No struggle, no joy.
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Mon Nov 09, 2009 2:44 am    Post subject: Reply with quote

What kind of antivirus is that ? A spyware :P
Back to top
View user's profile Send private message
ToeiRei
Veteran
Veteran


Joined: 03 Jan 2005
Posts: 1191
Location: Austria

PostPosted: Mon Nov 09, 2009 6:51 am    Post subject: Reply with quote

<sarcasm>The Gentoo virus is a really bad one. Once it's got you infected, you will *never* be able to get rid of it again... I am addicted to gentoo since it started. See this as a warning</sarcasm>
_________________
Please stand by - The mailer daemon is busy burning your messages in hell...
Back to top
View user's profile Send private message
Veldrin
Veteran
Veteran


Joined: 27 Jul 2004
Posts: 1945
Location: Zurich, Switzerland

PostPosted: Mon Nov 09, 2009 7:33 am    Post subject: Reply with quote

I cannot remember whose sig it is in, but
Quote:
gentoo addict: One more emerge, then I quit


So yes, it is really dangerous. :twisted:


On a side note, according to the Avira page, this is the "virus".
Back to top
View user's profile Send private message
Ch00k
n00b
n00b


Joined: 02 May 2009
Posts: 55

PostPosted: Mon Nov 09, 2009 10:06 am    Post subject: Reply with quote

Another funny thing is that Avira thinks that the file is a mailbox :) I've never seen tar.bz2'ed mailbox files.
_________________
To have no errors
Would be life without meaning
No struggle, no joy.
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Mon Nov 09, 2009 12:47 pm    Post subject: Reply with quote

I will not use Avira since it lunch some crazy false positive.
Back to top
View user's profile Send private message
xaviermiller
Bodhisattva
Bodhisattva


Joined: 23 Jul 2004
Posts: 8704
Location: ~Brussels - Belgique

PostPosted: Mon Nov 09, 2009 1:01 pm    Post subject: Reply with quote

d2_racing wrote:
I will not use Avira since it lunch some crazy false positive.


Bon appétit ;)
_________________
Kind regards,
Xavier Miller
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Mon Nov 09, 2009 1:03 pm    Post subject: Reply with quote

Sorry : launch

Merci beaucoup :P
Back to top
View user's profile Send private message
ProgVal
n00b
n00b


Joined: 28 Sep 2009
Posts: 20
Location: France

PostPosted: Sat Nov 28, 2009 11:49 am    Post subject: A virus in portage-latest.tar.bz2 ? Reply with quote

Hello,

I'm trying to install Gentoo, so, I downloaded the file portage-latest.tar.bz2, using Windows Seven. I installed Gentoo.
I'm temporary using Windows Seven, and I launched a scan with Avira AntiVir, which detected the virus "HTML/Silly.Gen" in the archive, and it sayed me it won't repair the file, because it is my mailbox (??????)

Google didn't give me any way...

Is it normal ?

Thank you for advance,
ProgVal

EDIT : This is the report :
Code:
C:\Users\ProgVal\Downloads\portage-latest.tar.bz2
  [0] Type d'archive: BZ2
    --> portage-latest.tar
      [1] Type d'archive: TAR (tape archiver)
      --> portage/app-admin/lsat/files/lsat-0.9.6-gentoo.patch
        [RESULTAT]  Contient le modèle de détection du virus de script HTML HTML/Silly.Gen
      --> portage/app-admin/lsat/files/lsat-0.9.5-gentoo.patch
        [RESULTAT]  Contient le modèle de détection du virus de script HTML HTML/Silly.Gen
      --> portage/app-admin/lsat/files/lsat-0.9.7.1-gentoo.patch
        [RESULTAT]  Contient le modèle de détection du virus de script HTML HTML/Silly.Gen
    [AVERTISSEMENT] Ce fichier est une boîte à lettres. Pour ne pas gêner votre fonction d'emails, ce fichier n'est pas réparé ou supprimé.
Translation (approximativly):
Code:
C:\Users\ProgVal\Downloads\portage-latest.tar.bz2
  [0]  Archive's type: BZ2
    --> portage-latest.tar
      [1] Archive's type: TAR (tape archiver)
      --> portage/app-admin/lsat/files/lsat-0.9.6-gentoo.patch
        [RESULT]  Contains the HTML script virus detection mask HTML/Silly.Gen
      --> portage/app-admin/lsat/files/lsat-0.9.5-gentoo.patch
        [RESULT]  Contains the HTML script virus detection mask HTML/Silly.Gen
      --> portage/app-admin/lsat/files/lsat-0.9.7.1-gentoo.patch
        [RESULTAT]  Contains the HTML script virus detection mask HTML/Silly.Gen
    [ALERT] This file is a mailbox. This file won't be repaired or removed because it should disturb the emails function.
Back to top
View user's profile Send private message
Akkara
Bodhisattva
Bodhisattva


Joined: 28 Mar 2006
Posts: 6702
Location: &akkara

PostPosted: Sat Nov 28, 2009 12:37 pm    Post subject: Reply with quote

See here: A virus in Portage tarball!

Summary: it looks like a false match.
Back to top
View user's profile Send private message
Jaglover
Watchman
Watchman


Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana

PostPosted: Sat Nov 28, 2009 1:14 pm    Post subject: Reply with quote

Quote:
Is it normal ?

Yes, it is. It has been there at least since 2004, I got infected back then. If you are not careful it will infect you, too. Symptoms are horrible. You will look at any closed-source software with despise, in developed stadium you will trash your Windows 7 because you cannot stand it any more. :P
Back to top
View user's profile Send private message
ProgVal
n00b
n00b


Joined: 28 Sep 2009
Posts: 20
Location: France

PostPosted: Sat Nov 28, 2009 1:58 pm    Post subject: Reply with quote

Thank you both.

Jaglover: :D I guess that Gentoo is less dangerous than a closed-source system, but I wondered if the file I've downloaded is corrupted, or come from a false site.
Back to top
View user's profile Send private message
Akkara
Bodhisattva
Bodhisattva


Joined: 28 Mar 2006
Posts: 6702
Location: &akkara

PostPosted: Sat Nov 28, 2009 2:14 pm    Post subject: Reply with quote

Merged above 4 posts here
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Sat Nov 28, 2009 3:20 pm    Post subject: Reply with quote

The virus is a false/positive alert, I had one of these at work and I laughed a lot :P
Back to top
View user's profile Send private message
aCOSwt
Bodhisattva
Bodhisattva


Joined: 19 Oct 2007
Posts: 2537
Location: Hilbert space

PostPosted: Sun Jan 03, 2010 7:22 pm    Post subject: A virus in portage-latest Reply with quote

Hello,

I post this here as... I know well that many honest codes can look like a virus' signature.
It's just simply funny for me as, having spent 2 days configuring lilo for dual booting, I had ended considering I was just...

Silly ! :evil:

Recovering my XP session I had not seen for days...
I updated my Avira...
And let it run on the vfat partition I had downloaded the portage-latest tarball to...

Gling ! : portage-latest.tar.bz2 (portage/app-admin/lsat/files/lsat-0.9.6-gentoo.patch) contains the HTML script virus... HTML/Silly.Gen

Was it especially made for me ? :lol:
Back to top
View user's profile Send private message
Earthwings
Bodhisattva
Bodhisattva


Joined: 14 Apr 2003
Posts: 7753
Location: Germany

PostPosted: Sun Jan 03, 2010 7:47 pm    Post subject: Reply with quote

Merged last post.
_________________
KDE
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Sun Jan 03, 2010 8:54 pm    Post subject: Reply with quote

Change your antivirus :P
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum