

SECURITY SOPHOS - reported infection - False positive??
#1
"2017-04-10 21:11:41: savscan.log          On-demand scan details: master boot records scanned: 0, boot records scanned: 0, files scanned: 62838, scan errors: 165, threats detected: 1, infected files detected: 1
2017-04-10 21:11:41: log.threat            Threat detected in /usr/bin/lite-info: Linux/EncPk-BE during on-demand scan. (The file is still infected.)
2017-04-10 21:11:42: savscan.log          On-demand scan finished."

First time running Sophos: "savscan /" to scan all content. Purpose: to ensure any files I forward to colleagues are not infected. Files may have been created/sourced from non-secure sources/PCs.

This report came up. Unsure of its relevance?
Advice/thoughts appreciated.

https://www.sophos.com/en-us/threat-cent...Pk-BE.aspx

UPDATE

In an attempt to remove the "threat" with "savscan -remove", SOPHOS is asking whether to "Proceed with removal of /usr/bin/lite-info ([Y]es/[N]o/[A]ll) ? No"
I presume this is suggesting the removal of the whole lite-info?? In doing so, what effect would that have on the rest of the LL3.2 64 bit operating system on this PC??

FURTHER UPDATE
The above information is from a scan of my desktop HP dc7700p running what was LL3.2 64 bit and this morning upgraded to 3.4 64 bit. Virus still detected after this morning's upgrade.

I have this morning loaded SOPHOS onto the family Fuji Si1520 and done a full scan with latest virus library.
Again the same outcome: "Threat detected in /usr/bin/lite-info: Linux/EncPk-BE during on-demand scan"

Removal of this "threat" on the Fuji Si1520 failed using "sudo savscan / -remove".

UPDATE
Second attempt at removing threat on the Fuji Si1520 was successful. Resulted in removal of the lite-info file. Will see what adverse effect the removal of the file has on the further running of LL3.4 64bit on that machine. Removal of the file was chosen as an alternative to disinfection as the latter would not have repaired any "infected" area of that file.

This morning loaded SOPHOS onto the Fuji 3405 machine (running LL3.4 32 bit), updated virus library and "sudo savscan /". No virus detected.

SUMMARY - Virus detected in lite-info file on both of the LL3.4 64 bit machines. Not aware that any files have been shared between the two machines, although there might have been. Things in common: both machines upgraded with additional RAM, and LL3.2 64bit ISO (downloaded 24/03/2017) and burned onto DVD used. Both systems subsequently upgraded to LL3.4 64bit. Looking further for any other common factors - software downloads etc.


Urgent help please on significance of findings, and any ideas as to where the "infection" originated from. Thank you
2006 - HP DC7700p ultraslim Desktop Intel 6300 cpu  4GB Ram LL3.8 64bit.
2007 - Fujitsu Siemens V3405 Laptop  2 GB Ram LL3.6 32bit. Now 32bit Debian 9 + nonfree.
2006 - Fujitsu Siemens Si1520 Laptop Intel T720 cpu 3GB Ram   LL5.6 64 Bit
2014 - Fujitsu Siemens Lifebook E754 Intel i7 4712MQ 16GB Ram LL6.6
2003 - RETIRED Toshiba Satellite Pro A10 1 GB RAM LL2.8 32bit


Messages In This Thread
SECURITY SOPHOS - reported infection - False positive?? - by newtusmaximus - 04-10-2017, 09:47 PM
