|
Aeschylus Shepherd
Registered User
Join date: 7 May 2007
Posts: 1
|
06-17-2007 22:38
My anti-virus says that it detects a virus in SL but I don't know what to make of it. Please advise.
5/26/2007 10:19:26 PM SYSTEM 1676 Sign of "VME family" has been found in "C:\Documents and Settings\Application Data\SecondLife\cache\textures\c\c252bb12-0a0f-150c-eb29-f8f35f831a79" file.
5/21/2007 2:07:36 AM SYSTEM 1696 Sign of "VME family" has been found in "C:\Documents and Settings\Application Data\SecondLife\cache\textures\c\c252bb12-0a0f-150c-eb29-f8f35f831a79" file.
5/18/2007 8:41:06 PM SYSTEM 1696 Sign of "VME family" has been found in "C:\Documents and Settings\Application Data\SecondLife\cache\textures\c\c252bb12-0a0f-150c-eb29-f8f35f831a79" file.
Thanks
|
|
DJ Jenns
Registered User
Join date: 16 Aug 2006
Posts: 45
|
06-18-2007 04:54
What AV software are you using?
|
|
Thili Playfair
Registered User
Join date: 18 Aug 2004
Posts: 2,417
|
06-18-2007 05:00
Probably overcautious virusprog that tags suspect files, it's not Norton, is it?
|
|
Quillspirit Voom
Registered User
Join date: 9 Jun 2007
Posts: 7
|
06-18-2007 06:03
Maybe it is a corrupt texture file?
|
|
AWM Mars
Scarey Dude :¬)
Join date: 10 Apr 2004
Posts: 3,398
|
06-18-2007 06:09
I wouldn't call it 'overly cautious virus checking', as you can get a virus from code inserted into a jpeg very easily. As anyone can upload a texture to the system, unless we rely totally on LL to scan everything, we must also rely on our own checkers. Personally, I would delete or at least quarantine the offending texture to prevent a potential threat. I never take for granted the source as being a reason to ignore, not after I downloaded and installed a virus checker a few years ago, only to discover the source file had become infected, on the company's own servers. What was more amazing was, the very virus checker that was infected didn't detect its own virus. 2 days of low level formatting my systems, and reinstalling all my software, before I was able to read on the company's website that they had mistakenly released a virus they had been working with onto their own servers. Call me paranoid.
_____________________
*** Politeness is priceless when received, cost nothing to own or give, yet many cannot afford - Why do you only see typo's AFTER you have clicked submit? ** http://www.wba-advertising.com http://www.nex-core-mm.com http://www.eml-entertainments.com http://www.v-innovate.com
|
|
DJ Jenns
Registered User
Join date: 16 Aug 2006
Posts: 45
|
06-18-2007 06:21
You're paranoid....
|
|
Object Pascale
moshi moshi
Join date: 27 Jan 2007
Posts: 648
|
06-18-2007 06:31
From: AWM Mars
"I wouldn't call it 'overly cautious virus checking', as you can get a virus from code inserted into a jpeg very easily."
On a Windows system with all patches installed, it shouldn't be so easy. Those JPEG specific vulnerabilities allowed deliberately malformed JPEGs to execute code thanks to weaknesses in Microsoft's crappy JPEG parsing engine (TM). As SL doesn't use that engine to render JPEGs (even on an unpatched system), it shouldn't pose a problem even if an infected JPEG got in there. They can't even be double clicked (which would normally trigger the JPEG parsing engine) because the contaminated texture file is obfuscated and tangled up with other files in the cache.
Having said all that, it's my understanding that the VME Family is unrelated to the malformed JPEG exploit, and is also a classic false positive produced by the Avast anti-virus scanner. Clearing SL's cache should get rid of it, but I'd follow that up with a virus check on the entire system because it's plausible that this infection came from some other software on your system, i.e. something that's replicating and infecting other files. I'd wager this not being the case (the false positive is most likely), but best to be ultra-cautious when things like this happen.
|
|
Alderic LeShelle
Registered User
Join date: 28 Dec 2006
Posts: 104
|
06-19-2007 00:29
It may not necessarily be a false positive. Another possible scenario would be some manipulated JPEG having this particular piece of malware as its payload.
That makes me wonder how soon it will be before user-generated content is exploiting security issues in the SL client. A keylogger or an 'addon' redirecting payments or such comes to mind.
|
|
Kyrah Abattoir
cruelty delight
Join date: 4 Jun 2004
Posts: 2,786
|
06-19-2007 01:11
For those that have DEP protection in Windows, you can't put arbitrary code in an image anymore, as Windows tags the data files as data and prevents it from being executed.
_____________________
 tired of XStreetSL? try those! apez http://tinyurl.com/yfm9d5b metalife http://tinyurl.com/yzm3yvw metaverse exchange http://tinyurl.com/yzh7j4a slapt http://tinyurl.com/yfqah9u
|