On 06/11/2014 09:31 AM, Al Varnell wrote:
According to the forum link you gave us you should "set your scanner to ignore sst files, which are not executable and cannot catch a virus.” -Al-
_________________
- in case of interest, Carlos Robinson, on the opensuse list, kindly explained :
It is an indirect threat to Windows users only, who*need* to run an antivirus full-time, who may be*confused* by the messages about having a virus in the bitcoin folders, and may be tempted to delete those files or allow the antivirus to do so, mistakenly, or to remove or disable the antivirus globally. As the link says, disable testing of that particular type of file, or that type of file in that particular directory. Those files do not even contain any virus. They just contain certain strings, like text, that happen to be the particular sequence of bytes that antivirus use to detect certain viruses. Meaning: suppose the virus "I'M VERY BAD" contains somewhere in hte code the text "ImVeRyBaD". An antivirus that scans a file and sees the string "ImVeRyBaD" says “WARNING! That file contains the virus "I'M VERY BAD". You should triple destroy that file immediately! Life danger!” And the file in question could be just a plain text file or an email in where somebody tells another guy that he saw the alias "ImVeRyBaD" painted in a wall in the street. So, somebody is playing jokes, and intentionally inserting those known trigger strings into those bitcoin files, to make them trigger the antivirus warning, on purpose, to stir the pot or have a laugh at you, or whatever. The files themselves are perfectly safe, they contain no virus. Disclaimer: any occurrence of "ImVeRyBaD" in real life is coincidental and non intentional. The author makes no claim to the existence of such a malware or alias, nor is there any intentional correlation to any such person living or dead, etc etc etc. :-)))) -- Cheers / Saludos, ................... thank you _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
