X-Recipient: archive-cygwin@delorie.com
X-Original-To: cygwin@cygwin.com
Delivered-To: cygwin@cygwin.com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 4352D385829A
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=dinwoodie.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=dinwoodie.org
Date: Tue, 19 Jul 2022 13:40:48 +0100
From: Adam Dinwoodie <adam@dinwoodie.org>
To: cygwin@cygwin.com
Subject: Re: Fortinet AV reports virus in trust.exe
Message-ID: <20220719124048.7eivxtrruafh5lru@lucy.dinwoodie.org>
References: <DB4PR09MB577631D6280A8C47E58B5A55C28F9@DB4PR09MB5776.eurprd09.prod.outlook.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <DB4PR09MB577631D6280A8C47E58B5A55C28F9@DB4PR09MB5776.eurprd09.prod.outlook.com>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
Reply-To: cygwin@cygwin.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cygwin-bounces+archive-cygwin=delorie.com@cygwin.com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie.com@cygwin.com>

On Tue, Jul 19, 2022 at 08:40:48AM +0000, Tuomo Takkula via Cygwin wrote:
> Hi,
> 
> Fortinet Antivirus reported W64/Encoder.834E!tr in my local cygwin installation. When I tried to rectify be reinstalling, Fortinet barked on the installation files as well. As this is a company box, I'm somewhat at the end of my tether  - cannot inspect or otherwise investigate the file. 
> That is I cannot check whether it's possibly a false positive or not.
> 
> What's the usual procedure for this?

https://cygwin.com/faq/faq.html#faq.setup.virus

In short: you'll need to take up the issue with Fortinet and/or your
employer's IT department.  It's very likely a false positive, and we're
not going to be able to help until or unless you can show otherwise.

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple