pc ~ # emerge --oneshot media-libs/amrwb Calculating dependencies... done! >>> Verifying ebuild manifests >>> Emerging (1 of 1) media-libs/amrwb-7.0.0.3 >>> Downloading 'http://www.3gpp.org/ftp/Specs/archive/26_series/26.204/26204-700.zip' --2009-09-16 17:15:40-- http://www.3gpp.org/ftp/Specs/archive/26_series/26.204/26204-700.zip Auflösen des Hostnamen »www.3gpp.org«.... 195.238.226.15 Verbindungsaufbau zu www.3gpp.org|195.238.226.15|:80... verbunden. HTTP Anforderung gesendet, warte auf Antwort... 200 OK Länge: 255757 (250K) [application/zip] In »/usr/portage/distfiles/26204-700.zip« speichern. 100%[======================================>] 255.757 83,6K/s in 3,0s 2009-09-16 17:15:49 (83,6 KB/s) - »/usr/portage/distfiles/26204-700.zip« gespeichert [255757/255757] ------------------------- snipp ------------------------- pc ~ # clamscan --detect-pua=yes --detect-structured=yes --heuristic-scan-precedence=yes --phishing-ssl=yes /usr/portage/distfiles/26204-700.zip /usr/portage/distfiles/26204-700.zip: Structured.CreditCardNumber FOUND ----------- SCAN SUMMARY ----------- Known viruses: 624088 Engine version: 0.95.2 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 1.89 MB Data read: 0.24 MB (ratio 7.82:1) Time: 2.679 sec (0 m 2 s)
It says: "Structured.CreditCardNumber", and that matches (total surprise!) to the format of a social security card number. It's NOT a virus pattern. I submitted the file to virustotal for you. Here are the results: http://www.virustotal.com/analisis/1b8ba234f5ac520650cb66aee1079491681afb7dba78eb717dca9534ae3598f0-1253212038 Closing INVALID.
