Slackware 13.1 DVD ISO image - Malware detected by avast?
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
ZI scan everything just to make sure there are no potential malware. When I scanned this, it found 4 file right away detected as malware.
I also had the same issue with a Slackware 13.37 image I downloaded from https://archive.org yesterday and just thought maybe that was an infected image from an unknown site although Norton website check said archive.org was safe. But now after downloading from the official Slackware website and finding malware, I wonder if this is a false positive with Slackware DVD ISO images and avast or if I need to be worried.
I verified that the MD5 matched what was on the site for the ISO image using WinMD5Free.
Well, if you downloaded it from a valid mirror and the MD5 matched, there is certainly no malware and the issue should be sent to Avast so they can get their engine updated so others don't get a false positive.
Just as an FYI, Slackware 13.1 has its EOL (end of life) scheduled for 25 MAY 2015. After this date (2 weeks from today), there may no longer be any provided security updates. Pat and team plan support based on a five year schedule and in two weeks, it marks the 5 year anniversary of when Slackware 13.1 was released.
Just as an FYI, Slackware 13.1 will be 5 years old in 2 weeks from today. We don't know how long they will provide security updates for releases, but with 5 year old Linux software, you start quite behind the times and it can cause compatibilty issues if you're trying to run software that is more current. It is highly recommended to use a more modern release (14.1 being the latest).
Last edited by bassmadrigal; 05-11-2015 at 01:49 PM.
Reason: Edited after drmozes pointed out my error on EOL
Back in 2001, I ran a double-boot Slackware 7.1 and Windows 2000. The antivirus on the Windows partition detected a "malware" in the MBR and... decided to wipe LILO. That day precisely was the last day I actually used Windows for work. I've been 100 GNU/Linux since that time. Never looked back.
Well, if you downloaded it from a valid mirror and the MD5 matched, there is certainly no malware and the issue should be sent to Avast so they can get their engine updated so others don't get a false positive.
Indeed - I'd see exactly what pieces Avast identifies as malware and provide it as feedback. It's not the first time Windows virus scanners have identified Linux tools as viruses.
Quote:
Originally Posted by bassmadrigal
Just as an FYI, Slackware 13.1 has its EOL (end of life) scheduled for 25 MAY 2015. After this date (2 weeks from today), there may no longer be any provided security updates. Pat and team plan support based on a five year schedule and in two weeks, it marks the 5 year anniversary of when Slackware 13.1 was released. It is highly recommended to use a more modern release (14.1 being the latest -- which will be supported until Nov 2018).
There is no EOL announced for 13.1, and I'm not aware of any specific lengths of time being announced or committed to for which a Slackware release will be supported. Did you imply this from the note in the 12.2 ChangeLog?
There is no EOL announced for 13.1, and I'm not aware of any specific lengths of time being announced or committed to for which a Slackware release will be supported. Did you imply this from the note in the 12.2 ChangeLog?
It was listed on wikipedia's site and I just assumed I'd missed the memo of a 5-year support timeframe.
Haha... oops, I just realized that they had the "~" in front of the EOL date to signify that it is speculation. I'll adjust my initial post to reflect that. Thanks!
Either way, unless there is a solid reason, it doesn't make sense to install a 5 year old Slackware.
EDIT: I have changed wikipedia's entries to show "No EOL Announced" to prevent others from coming to the same conclusion as me.
Last edited by bassmadrigal; 05-11-2015 at 02:05 PM.
Reason: Added edit
+--------------------------+
Thu Jun 14 05:02:39 UTC 2012
####################################################################
# NOTICE OF INPENDING EOL (END OF LIFE) FOR OLD SLACKWARE VERSIONS #
# #
# Effective August 1, 2012, security patches will no longer be #
# provided for the following versions of Slackware (which will all #
# be more than 5 years old at that time): #
# Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0. #
# If you are still running these versions you should consider #
# migrating to a newer version (preferably as recent as possible). #
# Alternately, you may make arrangements to handle your own #
# security patches. If for some reason you are unable to upgrade #
# or handle your own security patches, limited security support #
# may be available for a fee. Inquire at security@slackware.com. #
####################################################################
+--------------------------+
Thu Jun 14 05:02:39 UTC 2012
####################################################################
# NOTICE OF INPENDING EOL (END OF LIFE) FOR OLD SLACKWARE VERSIONS #
# #
# Effective August 1, 2012, security patches will no longer be #
# provided for the following versions of Slackware (which will all #
# be more than 5 years old at that time): #
# Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0. #
# If you are still running these versions you should consider #
# migrating to a newer version (preferably as recent as possible). #
# Alternately, you may make arrangements to handle your own #
# security patches. If for some reason you are unable to upgrade #
# or handle your own security patches, limited security support #
# may be available for a fee. Inquire at security@slackware.com. #
####################################################################
Hope this helps.
Have fun & enjoy!
That does not apply here since none of these versions is the one OP is attempting to download. Also, as drmozes mentioned, Pat has made no mention of any planned EOL for 13.0 and up (12.1 and 12.2 were EOLed on 9 DEC 2013).
All that is mentioned is that the versions would be at least 5 years old before they were EOLed, but 13.0 is coming up on 6 years in August, so using 5 years doesn't work.
That does not apply here since none of these versions is the one OP is attempting to download. Also, as drmozes mentioned, Pat has made no mention of any planned EOL for 13.0 and up (12.1 and 12.2 were EOLed on 9 DEC 2013).
All that is mentioned is that the versions would be at least 5 years old before they were EOLed, but 13.0 is coming up on 6 years in August, so using 5 years doesn't work.
I believe the 'five years' comes from this portion of that changelog;
Quote:
# NOTICE OF INPENDING EOL (END OF LIFE) FOR OLD SLACKWARE VERSIONS #
# #
# Effective August 1, 2012, security patches will no longer be #
# provided for the following versions of Slackware (which will all #
# be more than 5 years old at that time):
PV will be the one who decides when to EOL a version.
Avast was in the news four days ago for wrecking e.g. "TeamViewer rendering it useless, Corel, and MS XNA framework" last Wednesday because of false positive errors. F*cking DLL! Avast false positive trashes Windows code libraries, The Register, 7 May 2015
Avast! is not a great antivirus solution for Windows like it used to be. It scans for a lot but has too many false positives nowadays. For my Windows machines, I only use Microsoft Security Essential and MalwareBytes Pro any more due to this. I haven't had too many false-positives with these, and usually these try to play fair now with other software.
Another try would be Comodo Internet Security also.
Odds are Avast doesn't understand something about the Slackware *.iso.
when I'm booted into Windows and run Malwarebytes, it finds a suspicious file on one of my external USB drives. The suspicious file is a HOWTO for something in Mac format. It's not malware, but Malwarebytes doesn't know what it is, so it flags the file.
As for downloading 13.1 instead of 14.1, I have an old Dell Inspiron 1501 Laptop with the integrated Radeon XPress X1150 graphics chip that ZI am trying to revive and that video chipset is a pain with new Linux releases so I have been trying lots of releases with the 2.6.33 or later kernel so I get TRIM support as per this website here: http://wiki.cchtml.com/index.php/Hardware.
The older Radeon drivers only work with Linux Kernel 2.6.28 or older, so was trying to find a kernel closest to that that supports TRIM which is why I have been messing around with older releases.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.