virus check says it found a virus in a .pet

For discussions about security.
Post Reply
Message
Author
tubby
Posts: 317
Joined: Sat 24 Jan 2009, 15:49

virus check says it found a virus in a .pet

#1 Post by tubby »

I have run a virus check on this system and i received the following alert on a pet in my download folder. :cry:

[Found possible virus] <Heuristic-90 (not disinfectable)>

Do you think it is dangerous or a bad report from xfprot?.

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#2 Post by cthisbear »

Probably F-Prot.

Chris.

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#3 Post by Lobster »

assuming it is a false positive . . what is the file?
https://forum.f-prot.com/index.php?topic=1251.0

. . . report here
http://www.f-prot.com/virusinfo/submission_form.html
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

DMcCunney
Posts: 889
Joined: Tue 03 Feb 2009, 00:45

Re: virus or not

#4 Post by DMcCunney »

tubby wrote:I have run a virus check on this system and i received the following alert on a pet in my download folder. :cry:

[Found possible virus] <Heuristic-90 (not disinfectable)>

Do you think it is dangerous or a bad report from xfprot?.
Most likely, false positive.

Was this scan run from Puppy on a Puppy folder?

Viruses don't really exist for Linux. The extant ones all want to infect Windows, and can't run on/infect anything else. Folks running A/V in Puppy are usually concerned with protecting a Windows partition/machine, using Puppy as a secure platform from which to scan/disinfect/repair.

I don't use Puppy for that, hence don't install/run A/V in it.
______
Dennis

tubby
Posts: 317
Joined: Sat 24 Jan 2009, 15:49

#5 Post by tubby »

Lobster the pet is to large for me to send as i only have a slow upload sorry, i tried to pm you but there appears to be a problem.

User avatar
Dingo
Posts: 1437
Joined: Tue 11 Dec 2007, 17:48
Location: somewhere at the end of rainbow...
Contact:

#6 Post by Dingo »

often, false positives are caused by upx compression, so, executables compressed with upx are (falsely) identified as virus
Last edited by Dingo on Wed 24 Feb 2010, 18:32, edited 1 time in total.
replace .co.cc with .info to get access to stuff I posted in forum
dropbox 2GB free
OpenOffice for Puppy Linux

User avatar
dejan555
Posts: 2798
Joined: Sun 30 Nov 2008, 11:57
Location: Montenegro
Contact:

#7 Post by dejan555 »

Give us link from where you downloaded pet or give us name of pet only, someone will check it.
puppy.b0x.me stuff mirrored [url=https://drive.google.com/open?id=0B_Mb589v0iCXNnhSZWRwd3R2UWs]HERE[/url] or [url=http://archive.org/details/Puppy_Linux_puppy.b0x.me_mirror]HERE[/url]

tubby
Posts: 317
Joined: Sat 24 Jan 2009, 15:49

#8 Post by tubby »

As the report is most probably a false positive i thought about posting the name of the pet but decided against it as i did not want to cast any doubt on the work of the originator, one shadow and a lot of good work could be undone.
I was hoping a moderator would allow me to pm them with the info,tried Lobster but it did not get through for some reason.

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#9 Post by Lobster »

Hi Lobster, re the infection reported, it is in the Quirky Linux Kernel 2.6.31.5-tickless_smp-q1.pet that i downloaded from the Quirky repository.
As i only have a very slow upload 20meg would take an awful long time, Maybe you can do it for me or ask someone else to check it out.
As the file came direct from Barry`s site you can understand why i did post what the pet was on the forum.

regards
You got through OK :)
If anyone would like to find that file and check it please do.

Barry is on holiday at the moment
By making public any concerns you may have they can be investigated by our special team
of detective blood hounds :)
- anyone up for it?

I understand and appreciate your concern not to 'cast aspersions'
but no one believes there is anything other than a false positive
- which has already been documented.

If a mistake has been made, then we would rather know
Something can be done :)

Puppy Linux
Open Source at its best
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

tubby
Posts: 317
Joined: Sat 24 Jan 2009, 15:49

#10 Post by tubby »

Thanks for following it up Lobster, i am hoping it is a false positive.

Post Reply