monkey13 Posted March 21, 2008 Share Posted March 21, 2008 When I'm trying to view the shift art Avast! is reporting a trojan Win32:Flooder-M [Trj] for http://www.shiftlinux.net/uploads/preview/...-1202868518.jpg Visited through http://www.shiftlinux.net/art/view/148 Don't get it for any of the other art. Anyone confirm this or is it a false positive? Link to comment Share on other sites More sharing options...
Jyang Posted March 21, 2008 Share Posted March 21, 2008 I use AntiVir in Windows and nothing happened. Strange a .jpg can't be an executable so it should be safe. I downloaded the image and scanned it through virustotal and only Avast! detects it as malware. Click here for the analysis. Link to comment Share on other sites More sharing options...
Krome Posted March 21, 2008 Share Posted March 21, 2008 Norton didn't detect any anomaly Link to comment Share on other sites More sharing options...
markwolfe Veteran Posted March 21, 2008 Veteran Share Posted March 21, 2008 ...Strange a .jpg can't be an executable so it should be safe. ... jpeg (and other image) files can carry a malicious payload. Windows and Linux both had a problem a year or two ago with malformed images potentially carrying executable payloads. Link to comment Share on other sites More sharing options...
Jyang Posted March 21, 2008 Share Posted March 21, 2008 Only if the libraries handling them have vulnerabilities that can be exploited that's why I said "it should be safe" ;) Link to comment Share on other sites More sharing options...
markwolfe Veteran Posted March 21, 2008 Veteran Share Posted March 21, 2008 Sure. Backpedalling from "can't be an executable" to "can contain an executable" is ok with me. ;) Link to comment Share on other sites More sharing options...
Jyang Posted March 21, 2008 Share Posted March 21, 2008 But still I don't think an image uploaded by a Shift Linux developer could contain malicious code. :| Link to comment Share on other sites More sharing options...
p858snake Posted March 22, 2008 Share Posted March 22, 2008 But still I don't think an image uploaded by a Shift Linux developer could contain malicious code. :| anyone with a neowin account can upload to the art center Link to comment Share on other sites More sharing options...
Barney T. Administrators Posted March 22, 2008 Administrators Share Posted March 22, 2008 I'll have Dave Legg check into it.......thanks for letting us know! Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted March 22, 2008 Developer Share Posted March 22, 2008 (edited) AVG have an alias for the same virus/trojan, and I just ran it through there, and it found nothing. I'm certain this is a false positive. It's the second time an image uploaded by Nicholas-C has thrown up a warning like this, I'm wondering if there's something in the way he's saving them that's causing it. Edit: Have contacted Avast, lets see if they can do anything to stop this happening again. Edited March 22, 2008 by DaveLegg Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted March 22, 2008 Developer Share Posted March 22, 2008 Avast have replied to me confirming this is a false positive and they will fix this in their next update. Link to comment Share on other sites More sharing options...
-Vivicidal- Posted March 26, 2008 Share Posted March 26, 2008 Hasn't set my Avast off. Maybe it's fixed? Link to comment Share on other sites More sharing options...
The_Decryptor Veteran Posted March 26, 2008 Veteran Share Posted March 26, 2008 Yeah, Avast updated a couple of hours ago, and nothing's showing for me any more. And it just updated again as I typed that. Link to comment Share on other sites More sharing options...
Recommended Posts