I wanted to download and test the version 16 of the LAMP stack uisng Firefox and I get this notification from the browser saying that the ISO file may contain a malware or virus.  I think it may be that my ESET antivirus is mistaking the file to be malicious?

Just want to make sure this is not the case before proceeding.

Any clarification would be appreciated.


Jeremy Davis's picture

I have never had a report that any of our ISOs have triggered a warning such as that, so it's certainly a surprise to me. I can confirm that our ISOs (and other builds) do not contain any malicious software to the best of my knowledge. They certainly didn't when I uploaded them, and on face value, they appear to be the same images that I uploaded.

Having said that, I can't guarantee that what is going on on your computer is not malicious. It seems unlikely, but perhaps your browser is being hijacked (by some malicious code unconnected to us) to download a file that isn't coming from our mirror?

If you have more information about the warning that you are seeing (e.g. a log file with details of what issue it's hitting), please fee free to share and I'll give you my further thoughts.

In the meantime, so long as you just "download" the ISO file (i.e. don't auto run it with anything) and double check against the hashes (I'll also post the hashes below). The hash file is also signed by our GPG release key, so you can also download it and double check that you have the right/legitimate hash file. You can find our GPG release key (Fingerprint: A8B2 EF42 8781 9B03 D351 6CCA 7623 1C20 425E 9772) for v16.x images either on the SKS keyserver network (e.g. Ubuntu keyserver) under the email release-buster-images@turnkeylinux.org . And/or you can also find it in our GitHub "common" repo.

The hashes for the v16.0 LAMP appliance ISO are:

$ sha256sum turnkey-lamp-16.0-buster-amd64.iso
2d42d4b0361be01aaf1d6451b6bbf3915da5fed478e075be9fd86f3e944eb7f6  turnkey-lamp-16.0-buster-amd64.iso

$ sha512sum turnkey-lamp-16.0-buster-amd64.iso
44a551fbb4ff44d481afad614143115f9a8ca40656f4389905c279dadb35f483c27c1735d107a789f74269960e25dff2920a4c23ef8192346fe8181eee61dfe9  turnkey-lamp-16.0-buster-amd64.iso


I have checked against the hashes and they all match after downloading the file on another machine.  So I tried downloading again on the computer I got the 'malicious software' message from and this time I didn't get the notification about the file being malicious.  I have no idea why it happened and I can't duplicate it.

I should have checked the hashes before sending an inquiry!

Thanks for the reply though as it prompted me to check the hashes.


Jeremy Davis's picture

Glad to hear that the hashes matched up. It's still a bit strange, but glad to hear that things appear to all be ok.

Any further questions or feedback to you, please feel free to share! :)

Add new comment