[arch-general] ClamAV Flagging systemd package

Maksim Fomin mxfm at protonmail.com
Sat Jul 14 16:56:36 UTC 2018


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On July 14, 2018 3:19 PM, LoneVVolf <lonewolf at xs4all.nl> wrote:

> On 14-07-18 16:52, David Murray via arch-general wrote:
> 
> > Greetings,
> > 
> > My nightly full-system ClamAV scan kicked out this last night:
> > 
> > /var/cache/pacman/pkg/systemd-238.133-4-x86_64.pkg.tar.xz: Unix.Trojan.Vali-6606621-0 FOUND
> > 
> > Is this something I should be concerned about?
> > 
> > TIA,
> > 
> > Dave

Is this some sort of joke or desire to receive attention? There are lots of false positives from antivirus software, especially in the case of Linux. A trojan in a signed systemd package (if true) would have already done (ClamAV found the virus in version 238) enormous damage to Arch installations.

> https://www.virustotal.com/#/file/1aef694958c06497a8c5e98b0e6914b2a9af48faff736fcb42e3855377ee8e19/detection
> 
> That shows 2 engines that detect something, Baidu and ClamAV .
> 
> https://pcfixguides.com/how-to-effectively-remove-unix-trojan-vali-6606621-0-from-your-computer/
> 
> It appears to be able to infect Windows and Mac systems, and does look threatening.

This page looks like a fake search site which generates a page in accordance with your request. Look at the deliberately generalized (to fit a random search) and unprofessional language ("ought to rank top in the list of danger", "When it goes into your PC, your security application will caution you that a few bugs are distinguished on your system", "From that point on, blue screen of death will regularly happen", "expects to break down the system security. To begin with, it would release the insurance, and then open the accesses for virus, adware, spyware, browser hijacker, etc." - wtf???, "is fit for controlling documents on your PC. It could unreservedly eliminate them, transform them, and in most of time, it will hijack them" ...)

