Eric Freudenthal wrote: > I just downloaded setup.exe from cygwin.com and sent it to virustotal. > A couple of services didn't like it: > > the report: > http://www.virustotal.com/analisis/ccb64d1f4e157ba250e1649f46868196 > > details: > eSafe 7.0.17.0 2008.08.31 Suspicious File > Prevx1 V2 2008.09.01 Suspicious
That means nothing, if sddt.exe is a known virus it should say so clearly. Notice that none of the big names report anything. The latest setup.exe uses a digital signature to protect against this very kind of problem, the installation packages are checked using a MD5 check sum. The possibility of somebody adding an infection is remote but, as Dave Korn's reply said, if it was, the virus must be inside one of the packages (and setup.ini had to be forged, and a pre- or post-install script changed to run the virus)... I'm not sure if it really is possible to spread it like that. You need to check the whole disk to find out where it is. If i remember correctly, several of the major anti-virus companies offer a scan through the Web (also the link I sent in my reply, but I don't know those guys). -- René Berber -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
