| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-2.7 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW |
| X-Spam-Check-By: | sourceware.org |
| Received-SPF: | pass (google.com: domain of marco DOT atzeri AT gmail DOT com designates 10.68.240.135 as permitted sender) client-ip=10.68.240.135; |
| Authentication-Results: | mr.google.com; spf=pass (google.com: domain of marco DOT atzeri AT gmail DOT com designates 10.68.240.135 as permitted sender) smtp.mail=marco DOT atzeri AT gmail DOT com; dkim=pass header.i=marco DOT atzeri AT gmail DOT com |
| Message-ID: | <4F4B23E1.7000609@gmail.com> |
| Date: | Mon, 27 Feb 2012 07:34:09 +0100 |
| From: | marco atzeri <marco DOT atzeri AT gmail DOT com> |
| User-Agent: | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Possible security problem -- in Python module |
| References: | <BAY156-W33C29570B8FCDFF6D64D83C9690 AT phx DOT gbl> |
| In-Reply-To: | <BAY156-W33C29570B8FCDFF6D64D83C9690@phx.gbl> |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
On 2/27/2012 6:01 AM, Tom Szczesny wrote: > > > Sat 2012-02-25 17:39:23.0618 Begin passive write scan (330 file(s)) > Sat 2012-02-25 17:39:26.0660 Begin passive write scan (7 file(s)) > Sat 2012-02-25 17:39:27.0425 Infection detected: c:\cygwin\lib\python2.6\distutils\command\wininst-9.0.exe [MD5: 0563061137E462BF38717F90488C4504] [3/00080000] [Trojan.Dropper] > Sat 2012-02-25 17:39:27.0425 File blocked in realtime: c:\cygwin\lib\python2.6\distutils\command\wininst-9.0.exe [MD5: 0563061137E462BF38717F90488C4504, Size: 196096 bytes] [524288/00000003] [Trojan.Dropper] > Sat 2012-02-25 17:39:27.0425 Determination flags modified: MD5: 0563061137E462BF38717F90488C4504, Size: 196096 bytes, Flags: 00000020 > Sat 2012-02-25 17:39:27.0581 Performing cleanup entry: 1 > Sat 2012-02-25 17:39:27.0659 End passive write scan (7 file(s)) > Sat 2012-02-25 17:39:29.0921 End passive write scan (330 file(s)) > > > > This was detected using "Webroot SecureAnywhere -- Complete". > > This may be a false possitive, but I thought I should report it. > > -- I will bet on false positive http://www.viruschief.com/report.html?report_id=923867e00c38395a36f8ed0291bf10b5422a4022 Filename: wininst-9.0.exe Size (Bytes): 196096 MD5 Hash: 0563061137e462bf38717f90488c4504 Report link: AntiVirus Engine Version Definition Version Status Antivir 7.4.0.37 6.39.0.81 Nothing found ArcaVir 1.0.4 2006.01.27 Nothing found AVG 7.5.51 269.9.14/883 Nothing found BitDefender 7.60825 7.60825 Nothing found VirusBlokAda32 3.12.16.4 2012.02.24 Nothing found VirusBuster 4.3.23:9 (2007-02-16) 9.86.8/11.0 Nothing found -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |