Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com To: cygwin AT cygwin DOT com From: Pat Brown Subject: Re: is "BKDR_HACDEF.M" found in c:\cygwin\bin\cygcrypt-0.dll for real? Date: Mon, 10 Jan 2005 14:07:37 -0500 Lines: 20 Message-ID: <41E2D279.1000704@ncbrowns.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet AT sea DOT gmane DOT org X-Gmane-NNTP-Posting-Host: user-0c8htvc.cable.mindspring.com User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) In-Reply-To: X-IsSubscribed: yes Laurence G Esmonde wrote: > We are using Trend Micro's OfficeScan and users at our site started > having cygcrypt-0.dll quarantined for BKDR_HACDEF.M around 8:15am EST. > Followed Trend's regedit procedures, but nobody was able to find the > corresponding registry entries that BKDR_HACDEF.M should have created. Several of my colleagues and I have seen the same issues with Office Scan, and failed to find any evidence of the described infection using Trend's directions. I tested my home system, which has an up-to-date AVG configuration, and it had no complaints. > Does anybody @ Cygwin have a copy of Trend Micro's software to see if it > trips up on the master TAR file? FWIW (probably not much), I also verified that the MD5 sum on my "infected" package matched the sum on my mirror (http://mirrors.rcn.net). Pat -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/