Originally Posted by
tlutz
Can someone confirm that this threat exists or provide a reasonable explanation as to why this was detected as a threat?
Thank you,
Tom
I think as said above it is a false positive. Line 25 of compileline.grm in the source package for the program contains this command which is probably what causes Symantec to complain:
Code:
cat /etc/passwd | mail president@whitehouse.gov
But I don't think it executes that code at all. The compileline.grm file contains lots of possible commands and parts of commands that are then put together to come up with random commands, which the program then displays on the screen to make it look like you are doing work (as you can see in the attached screenshot).
I assume Symantec just searches files for commands similar to the one above, and just assumes it's a virus regardless of context (it doesn't understand that the command is just a text string that doesn't get executed).
Bookmarks