This is cross-posted in the BuildOS thread as I initially thought it was a problem w/the updater. But it's not; There is a potentially very serious issue with the PPCGeeks_OEM.rar file.
For a couple of weeks, I've been trying to reflash my device with the latest kitchen. But every time I ran the updater, I was getting an error that the PPCGeeks_OEM file was missing. This was immediately after I watched the updater download it. I would watch the file appear in the download directory under \temp and then it would just disappear. There were no issues with the other .rar files.
I finally tracked this down to McAfee running on my system. It is a corporate version controlled by IT policies that do not permit turning it off, etc. Anyway, I discovered entries in it's log with timestamps occurring around the same times as I was running the updater complaining about a trojan that had been quarantined.
This morning, I checked my application event log and found a number of McAfee log events stating:
Quote:
Event Type: Error
Event Source: McLogEvent
Event Category: None
Event ID: 259
Date: 8/10/2008
Time: 9:21:43 PM
User: NT AUTHORITY\SYSTEM
Computer: ***********
Description:
The file C:\Program Files\PPCkitchen.org-save4\BuildOS\Kitchens\PPCGeeks_OEM.rar\EBOOK.HTM contains the Generic Downloader.ce Trojan. Undetermined clean error, deleted successfully. Detected using Scan engine version 5200.2160 DAT version 5357.0000.
|
I URGENTLY suggest that someone investigate this. If somehow, the PPCGeeks/BuildOS system is being used to infect PC's that are not adequately protected, then it could ruin a good thing we have going here.
I'd really like to understand why no one else has seen this. Is noone else running into this issue that has up-to-date AV?