Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Clamtk found 12 possible threats on my computer
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
<3
l33t
l33t


Joined: 21 Oct 2004
Posts: 743

PostPosted: Tue Mar 11, 2014 7:25 pm    Post subject: Clamtk found 12 possible threats on my computer Reply with quote

after installing clamtk (sunrise overlay) I decided to scan my laptop to see if clamav could find anything. Here are the results. For some reason I am only able to quarantine the files located under the mozilla directory.

home/cashe/.cache/mozilla/firefox/yg5ltiz0.default/Cache/2/9B/47CBDd01 PUA.Phishing.Bank
/home/cashe/.cache/mozilla/firefox/yg5ltiz0.default/Cache/8/E6/F783Ed01 PUA.JS.Xored
/usr/portage/distfiles/luatex-beta-0.70.1.tar.bz2 PUA.Win32.Packer.Armadillo-59
/usr/portage/distfiles/ps2eps-1.68.tar.gz PUA.Win32.Packer.Armadillo-59
/home/cashe/.cache/mozilla/firefox/yg5ltiz0.default/Cache/C/A4/D9B47d01 PUA.Script.Packed-1
/opt/Adobe/Reader9/Reader/intellinux/plug_ins/Annotations/Stamps/ENU/Dynamic.pdf PUA.Script.PDF.EmbeddedJavaScript
/usr/share/texmf-dist/doc/latex/visualfaq/troubleshoot-vlf.pdf PUA.Script.PDF.EmbeddedJS-1
/usr/portage/distfiles/qca-2.0.3.tar.bz2 PUA.Win32.Packer.Mingwin32V
/usr/portage/distfiles/qpdf-4.1.0.tar.gz Heuristics.Encrypted.PDF
/usr/portage/distfiles/libmng-1.0.10.tar.gz PUA.Win32.Packer.Upx-57
/usr/portage/distfiles/exiv2-0.23.tar.gz PUA.Win32.Packer.PkliteV115V
/usr/portage/distfiles/zziplib-0.13.60.tar.bz2 PUA.Win32.Packer.Armadillo-59

Should I be worrired at all about these? This is a dual boot machine with Windows 7 on it. Also what should I do to correct this?
Back to top
View user's profile Send private message
<3
l33t
l33t


Joined: 21 Oct 2004
Posts: 743

PostPosted: Thu Mar 13, 2014 3:50 pm    Post subject: Reply with quote

The lack of responses is leading me to believe that no one here knows how to deal with this am I right?
Back to top
View user's profile Send private message
mvaterlaus
Apprentice
Apprentice


Joined: 01 Oct 2010
Posts: 155
Location: Switzerland

PostPosted: Thu Mar 13, 2014 4:24 pm    Post subject: Reply with quote

apparently,
PUA[1] is the term for "possible unwanted application". so it is not generally a virus. I also have found an interesting article at the mint forums [2]. I don't think, that you have a virus on your box, but some self ectracting files and pdfs with embeded javascript scripts.

[1]https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md
[2]http://forum.linuxmint.com/viewtopic.php?t=108883&p=613016
_________________
For calming down your eyes or clearing your mind: www.patrickwehli.ch
Back to top
View user's profile Send private message
gerard82
Advocate
Advocate


Joined: 04 Jan 2004
Posts: 2228
Location: Netherlands

PostPosted: Thu Mar 13, 2014 4:49 pm    Post subject: Reply with quote

AFAIK clamav is to find MSWindows virusses.
If you want to check a Linux system use "chkrootkit" and/or "rkhunter".
Both are available in portage.
I've been using Gentoo Linux for over 10 yrs.
Always used the same user passwd and the same (different) root passwd.
Never any virus or intrusion.
Gerard.
_________________
To install Gentoo I use sysrescuecd.Based on Gentoo,has firefox to browse Gentoo docs and mc to browse (and edit) files.
The same disk can be used for 32 and 64 bit installs.
You can follow the Handbook verbatim.
http://www.sysresccd.org/Download
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum