Mail Archives: cygwin/2009/07/09/11:50:26

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2009/07/09/11:50:26

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=-1.5 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW,RCVD_NUMERIC_HELO,SPF_HELO_PASS,SPF_PASS

X-Spam-Check-By: sourceware.org

To: cygwin AT cygwin DOT com

From: Erik <cygwin AT stealth DOT demon DOT nl>

Subject: Re: Virus on sed.exe

Date: Thu, 9 Jul 2009 15:43:49 +0000 (UTC)

Lines: 37

Message-ID: <loom.20090709T153527-129@post.gmane.org>

References: <4A555ABC DOT 6020401 AT gmail DOT com> <4A55ED43 DOT 9030407 AT ebrady DOT net> <B33B8C07661B413F90AEBF303C181019 AT phoenix>

Mime-Version: 1.0

User-Agent: Loom/3.14 (http://gmane.org/)

X-IsSubscribed: yes

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Jason Pyeron <jpyeron <at> pdinc.us> writes:

> 
> > -----Original Message-----
> > From: Ed Brady
> > Sent: Thursday, July 09, 2009 9:15
> > To: Dave Korn
> > 
> > Thanks,
> > All file look good,  I submitted to a couple of online file 
> > scanner sites and they confirmed no problem.  This appears to 
> > be a false positive with CA Antivirus...
> > 
> > BTW: After posting this message to the board I found 6 
> > additional exe files that also caused false positives.  I 
> > posted these new files in a message to the board also, 
> > however they all checked out good also..
> 
> BTW, it would be nice if you could include the md5sum/version/etc of the files
> which had false positives in your reply so others may search/verify it.
> 

Hi,

Same problem here. eTrust Antivirus detected 106 files within my Cygwin
directory which are 'infected' by Win32/AMalum.ZZ<xyz>. I think these are false
positives. We have a rigorous policy concerning the security of our systems. No
files can easily get onto our system. No other files on my system are infected
according to eTrust Antivirus. Would be odd if only Cygwin files are infected.

I have reported this to CA (8 hours ago), but they have not responded yet.

Don't have md5sums (and can't create them anymore ;-).

Cheers,
Erik

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=-1.5 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW,RCVD_NUMERIC_HELO,SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By:	sourceware.org
To:	cygwin AT cygwin DOT com
From:	Erik <cygwin AT stealth DOT demon DOT nl>
Subject:	Re: Virus on sed.exe
Date:	Thu, 9 Jul 2009 15:43:49 +0000 (UTC)
Lines:	37
Message-ID:	<loom.20090709T153527-129@post.gmane.org>
References:	<4A555ABC DOT 6020401 AT gmail DOT com> <4A55ED43 DOT 9030407 AT ebrady DOT net> <B33B8C07661B413F90AEBF303C181019 AT phoenix>
Mime-Version:	1.0
User-Agent:	Loom/3.14 (http://gmane.org/)
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com