| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Spam-Check-By: | sourceware.org |
| From: | "Dave Korn" <dave DOT korn AT artimi DOT com> |
| To: | <cygwin AT cygwin DOT com> |
| References: | <c6ec56fa0808310723id391f6ct97815b6c93c209b8 AT mail DOT gmail DOT com> <c6ec56fa0808311519v120ff2e2g5b1cd5c6434e01cf AT mail DOT gmail DOT com> <c6ec56fa0808311525k75e98705jbf6352ec0c66c754 AT mail DOT gmail DOT com> <c6ec56fa0808311530v4b2ad674h87c787db297c841d AT mail DOT gmail DOT com> |
| Subject: | RE: is sddt.exe part of the cygwin installer? (possible corruption of gatech mirror) |
| Date: | Mon, 1 Sep 2008 00:33:43 +0100 |
| Message-ID: | <019101c90bc2$029b8f80$9601a8c0@CAM.ARTIMI.COM> |
| MIME-Version: | 1.0 |
| X-Mailer: | Microsoft Office Outlook 11 |
| In-Reply-To: | <c6ec56fa0808311530v4b2ad674h87c787db297c841d@mail.gmail.com> |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Unsubscribe: | <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
Eric Freudenthal wrote on 31 August 2008 23:30:
> I just installed cygwin under vista from a http mirror on
> gtlab.gatech.edu. I noticed that an process named sddt.exe gobbled
> many cycles during the installation. afterwards, I could neither find
> a file by this name, nor could find it in the cygwin tars. I'd love
> to know that sddt was supposed to run at that time, and would probably
> be better off knowing if it was not.
Bad news I'm afraid. There's nothing called "sddt.exe" in any cygwin
package (see http://cygwin.com/packages/ where you can search for it), and
google finds a few places referring to it as malware. You'd better assume the
worst.
I don't *think* the gatech mirror is corrupt; the signatures on the setup
index files verify ok. However, if it did come from there, it'd likely still
be inside one of the tarballs in your local package dir; you might want to
rename the existing one safely out of the way and try reinstalling from a
different mirror.
If you can find the sddt.exe file, try submitting it to the Jotti or
Virustotal online scanning services and see what they say. Sysinternals'
Autorun and ProcessExplorer will come in handy here... but now we're getting
OT.
cheers,
DaveK
--
Can't think of a witty .sigline today....
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |