Virus problem...
Cybe R. Wizard
cyber_wizard at mindspring.com
Sat Mar 20 02:32:13 UTC 2010
On Fri, 19 Mar 2010 19:05:28 -0700
NoOp <glgxg at sbcglobal.net> wrote:
> On 03/19/2010 04:10 PM, Ray Parrish wrote:
> > Ray Parrish wrote:
> >> Hello,
> >>
> >> Well, evidently it is not impossible to get a virus in Ubuntu...
> >> have a look at this screen shot of clamav.
> >> http://www.rayslinks.com/Screenshot-68.png
> >>
> >> When I select quarantine file from the clamav pop up menu, the
> >> file listings disappear, but when I select empty quarantine, it
> >> tells me there is nothing to delete. Then when I do a scan again,
> >> this listing pops up again with the same files.
> >>
> >> Any ideas how I'm going to get out of this without a complete
> >> re-install?
> >>
> >> Thanks for any help you can be. Ray Parrish
> >>
> > I suspect the following download of being the source of the
> > infection, as I gave this install script permission to execute, and
> > ran it with sudo... here are the reults of that run -
> >
> > http://www.alice.org/index.php?page=alice3/download
> >
> > ray at RaysComputer:~/Downloads$ sudo /home/ray/Downloads/Alice.sh
> > Configuring the installer...
> > Searching for JVM on the system...
> > Extracting installation data...
> >
> > Installer file /home/ray/Downloads/Alice.sh seems to be corrupted
>
> Perhaps you have a false positive? The offline installer:
> Alice3BetaInstaller-Complete-3.0.0.1.1-linux.sh
> is 557Mb (downloading it now). So that would be the reason your
> /download started to fill with large files (I suspect).
>
> I scanned the offline download file:
> $ md5sum Alice3BetaInstaller-Online-3.0.0.1.1-linux.sh
> ee972a5deffb222458ee403e09ca26b5
> Alice3BetaInstaller-Online-3.0.0.1.1-linux.sh
> with a fully updated Bitdefender (linux - BD for unices) and found no
> issue with it. I also scanned with a fully updated clamav 0.95.3. I
> also looked at it with gvim & can't find anything obvious. Once the
> files are downloaded (offline) I'll slide them over to an isolated
> test machine and have another look.
>
> There are some dd in the online installer:
> > checkFreeSpace $size "$name"
> > LAUNCHER_TRACKING_SIZE_BYTES=`expr
> > "$LAUNCHER_TRACKING_SIZE" \* "$FILE_BLOCK_SIZE"`
> >
> > if [ 0 -eq $diskSpaceCheck ] ; then
> > dir=`dirname "$name"`
> > message "$MSG_ERROR_FREESPACE" "$size"
> > "$ARG_TEMPDIR" exitProgram $ERROR_FREESPACE
> > fi
> >
> > if [ 0 -lt "$fullBlocks" ] ; then
> > # file is larger than FILE_BLOCK_SIZE
> > dd if="$LAUNCHER_FULL_PATH" of="$name" \
> > bs="$FILE_BLOCK_SIZE" count="$fullBlocks"
> > skip="$start"\
> > > /dev/null 2>&1
> > LAUNCHER_TRACKING_SIZE=`expr
> > "$LAUNCHER_TRACKING_SIZE" + "$fullBlocks"`
> > LAUNCHER_TRACKING_SIZE_BYTES=`expr "$LAUNCHER_TRACKING_SIZE" \*
> > "$FILE_BLOCK_SIZE"` fi if [ 0 -lt "$oneBlocks" ] ; then
> > dd if="$LAUNCHER_FULL_PATH" of="$name.tmp.tmp"
> > bs="$FILE_BLOCK_SIZE" count=1\ skip="$oneBlocksStart"\
> > > /dev/null 2>&1
> >
> > dd if="$name.tmp.tmp" of="$name" bs=1
> > count="$oneBlocks" seek="$fullBlocksSize"\
> > > /dev/null 2>&1
> >
> > rm -f "$name.tmp.tmp"
> > LAUNCHER_TRACKING_SIZE=`expr
> > "$LAUNCHER_TRACKING_SIZE" + 1`
>
> But I doubt those are nefarious (could be wrong of course). That
> said, I do get the "seems to be corrupted" corrupted msg when trying
> to run the Alice3BetaInstaller-Complete-3.0.0.1.1-linux.sh file.
> Perhaps it might be a good idea to contact:
> http://kenai.com/projects/alice/pages/InstallerProblem
> Or check on the Alice forums for further help?
>
Hmmm, Alice3BetaInstaller-Online-3.0.0.1.1-linux.sh is only 3.1 MB.
Where would the difference be between online installation and offline
installation?
Cybe R. Wizard
--
When Windows are opened the bugs come in.
Winduhs
More information about the ubuntu-users
mailing list