> something), to have false positives on VirusTotal for a
handful of > vendors. I've never heard of SecureAge or Trapmine
(hmm, maybe it > *would* flag Minesweeper...), and I'm pretty well
educated in the > anti-malware space, so if it were me, I'd just
ignore those fals
e positives on VirusTotal for a handful of
> vendors. I've never heard of SecureAge or Trapmine (hmm, maybe it
> *would* flag Minesweeper...), and I'm pretty well educated in the
> anti-malware space, so if it were me, I'd just ignore those false
> positives and pay atte
r heard of SecureAge or Trapmine (hmm, maybe it
*would* flag Minesweeper...), and I'm pretty well educated in the
anti-malware space, so if it were me, I'd just ignore those false
positives and pay attention to the credible AV software results (and the
Community Score).
You may have tho
On Wed, Dec 7, 2022 at 9:21 AM Sylwester Rutkowski wrote:
The setup-x86_64.exe is reported as malicious at
> https://www.virustotal.com/gui/file/edd0a64dc65087ffe453ca94b267169b39458a983b29ac31320fcaa983d0f97e/detection
>
> Can this be resolved somehow?
This is, of course, a false positive.
The
ell educated in the
anti-malware space, so if it were me, I'd just ignore those false
positives and pay attention to the credible AV software results (and the
Community Score).
If you have some corporate policy requiring things to have 0 detections
on VirusTotal or something, your only re
Hi,
The setup-x86_64.exe is reported as malicious at
https://www.virustotal.com/gui/file/edd0a64dc65087ffe453ca94b267169b39458a983b29ac31320fcaa983d0f97e/detection
Can this be resolved somehow?
Thanks,
Sylwester
--
Problem reports: https://cygwin.com/problems.html
FAQ:
.exe as Adware.Elex malware
On 2017-03-20 07:53, Ed Koerber via cygwin wrote:
> On Sunday, March 19, 2017 12:20 PM, Ed Koerber via cygwin wrote:
>> I am using the following version of cygwin on a Windows 7 computer:
>> $ uname -a
>> CYGWIN_NT-6.1 e250 2.6.0(0.304/5/3) 2016-08
;> Why does Malwarebytes flag this file:
>> C:\cygwin\usr\x86_64-w64-mingw32\sys-root\mingw\bin\qdbusviewer-qt5.exe
>> as Adware.Elex malware?
> Probable problem with Malwarebytes incorrectly flags the
> qdbusviewer-qt5.exe file reported here:
> https://forums.malwarebytes
Probable problem with Malwarebytes incorrectly flags the qdbusviewer-qt5.exe
file reported here:
https://forums.malwarebytes.com/topic/197975-malwarebytes-flags-qdbusviewer-qt5exe-as-adwareelex-malware/
Stay tuned for the response.
From: Ed Koerber via cygwin
On 03/19/2017 01:23 PM, René Berber wrote:
On 3/19/2017 12:18 PM, Ed Koerber via cygwin wrote:
It bears asking to be thorough... are we sure that the cygwin package
has not been compromised somehow?
You are correct in not taking unsubstantiated remarks as useful.
We usually run the program
; CYGWIN_NT-6.1 e250 2.6.0(0.304/5/3) 2016-08-31 14:27 i686 Cygwin
>>> Why does Malwarebytes flag this file:
>>> C:\cygwin\usr\x86_64-w64-mingw32\sys-root\mingw\bin\qdbusviewer-qt5.exe
>>> as Adware.Elex malware?
>> Probably because virus scanners are amongst the d
On 3/19/2017 6:05 PM, Chris Johnson wrote:
> Don't virus scanners in general get caught by other virus scanner
> because their databases have the same signatures as the viruses they
> look for? I don't know how to get around this other than an exclusion
> list.
Off-topic, this has nothing to do
Back to the list, and keep it there.
Forwarded Message
From: Chris Johnson
To: Do not reply
I'm probably going to catch hell for this.
Don't virus scanners in general get caught by other virus scanner
because their databases have the same signatures as the viruses they
lo
On 3/19/2017 12:18 PM, Ed Koerber via cygwin wrote:
> It bears asking to be thorough... are we sure that the cygwin package
> has not been compromised somehow?
You are correct in not taking unsubstantiated remarks as useful.
We usually run the program in question through https://www.virustotal.c
malware
On Sun, Mar 19, 2017 at 5:19 PM, Ed Koerber via cygwin
wrote:
> I am using the following version of cygwin on a Windows 7 computer:
>
> $ uname -a
> CYGWIN_NT-6.1 e250 2.6.0(0.304/5/3) 2016-08-31 14:27 i686 Cygwin
>
> Why does Malwarebytes flag this file:
>
>
r\x86_64-w64-mingw32\sys-root\mingw\bin\qdbusviewer-qt5.exe
>
> as Adware.Elex malware?
Probably because virus scanners are amongst the dumbest software on earth?
If you were to report it to Malwarebytes as a suspected false positive
that would be helpful.
>
> --
> Problem reports
I am using the following version of cygwin on a Windows 7 computer:
$ uname -a
CYGWIN_NT-6.1 e250 2.6.0(0.304/5/3) 2016-08-31 14:27 i686 Cygwin
Why does Malwarebytes flag this file:
C:\cygwin\usr\x86_64-w64-mingw32\sys-root\mingw\bin\qdbusviewer-qt5.exe
as Adware.Elex malware
Hi Cygwinners,
On 10/06/2016 3:19 AM, David Stacey wrote:
On 09/06/16 17:14, Corinna Vinschen wrote:
On Jun 9 18:02, Marco Atzeri wrote:
On 09/06/2016 17:52, Jack Adrian Zappa wrote:
Are you referring to the 83.dotm file? Looks highly suspicious. o.O
It is clearly spam or worse.
But som
Greetings, Corinna Vinschen!
> On Jun 9 18:02, Marco Atzeri wrote:
>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>> > Are you referring to the 83.dotm file? Looks highly suspicious. o.O
>> >
>>
>> It is clearly spam or worse.
>>
>> But some of them will always pass whatever filter the cyg
On 09/06/16 17:14, Corinna Vinschen wrote:
On Jun 9 18:02, Marco Atzeri wrote:
On 09/06/2016 17:52, Jack Adrian Zappa wrote:
Are you referring to the 83.dotm file? Looks highly suspicious. o.O
It is clearly spam or worse.
But some of them will always pass whatever filter the cygwin mail
s
On Thu, Jun 9, 2016 at 12:14 PM, Corinna Vinschen wrote:
> On Jun 9 18:02, Marco Atzeri wrote:
>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>> > Are you referring to the 83.dotm file? Looks highly suspicious. o.O
>> >
>>
>> It is clearly spam or worse.
>>
>> But some of them will always pass
On Jun 9 18:02, Marco Atzeri wrote:
> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
> > Are you referring to the 83.dotm file? Looks highly suspicious. o.O
> >
>
> It is clearly spam or worse.
>
> But some of them will always pass whatever filter the cygwin mail
> server is implementing.
> So
On 09/06/2016 17:52, Jack Adrian Zappa wrote:
Are you referring to the 83.dotm file? Looks highly suspicious. o.O
It is clearly spam or worse.
But some of them will always pass whatever filter the cygwin mail
server is implementing.
Some of them are reaching any mailbox also company's one.
gt;>
>> On 09/06/2016 17:08, Nellis, Kenneth wrote:
>>>
>>> Dear Cygwin,
>>> A little supposition here, but it appears that the recent posting
>>> from Viverra Inc. contained a malicious attachment, as detected by
>>> my company's e-mail malw
On 09/06/2016 17:08, Nellis, Kenneth wrote:
Dear Cygwin,
A little supposition here, but it appears that the recent posting
from Viverra Inc. contained a malicious attachment, as detected by
my company's e-mail malware detection as it intercepted the recent
digest. I need now to appeal to th
Dear Cygwin,
A little supposition here, but it appears that the recent posting
from Viverra Inc. contained a malicious attachment, as detected by
my company's e-mail malware detection as it intercepted the recent
digest. I need now to appeal to them to allow me to continue
receiving e
On 7/14/2015 11:56 AM, Marco Atzeri wrote:
On 7/14/2015 5:21 AM, Brent wrote:
Hi Brenat,
please open a false positive report with Norton
Likely they will recognize the mistake and amend their database
Regards
Marco
As Symantec Endpoint Protection had the same problem
I opened a false po
On 7/14/2015 5:21 AM, Brent wrote:
On my work computer today, I ran cygwin's setup-x86_64.exe in order to get the
latest and greatest code.
Soon afterwards, Norton Business Suite autoran, and claimed that the new mintty
is malware (to be precise: WS.Malware.2).
This has never happened b
On my work computer today, I ran cygwin's setup-x86_64.exe in order to get the
latest and greatest code.
Soon afterwards, Norton Business Suite autoran, and claimed that the new mintty
is malware (to be precise: WS.Malware.2).
This has never happened before: both Norton and cygwin (incl
Following up to https://sourceware.org/ml/cygwin/2014-08/msg00204.html
having just joined this mailing list.
Cygwin32 all installed files current according to setup.ini with
setup-timestamp: 1413486609
python-setuptools-0.6.34-1.tar.bz2
AVG updated itself to 2015.0.5315 with virus db 4181/8400 t
On Sun, Aug 10, 2014 at 10:07 AM, Marco Atzeri wrote:
> On 10/08/2014 17:39, Doug Henderson wrote:
>> The detection of problems with these 4 files appears to be a false
>> positive.
>
>
> Hi Doug
> Can you open a false positive report to AVG ?
> http://www.avg.com/submit-sample
>
> Regards
> Mar
Greetings, Doug Henderson!
> Hi cygwin python maintainers and users,
> AVG Free detects malware in the gui.exe and gui-32.exe files which
> are part of the cygwin 64-bit versions of the python2 and python3
> setuptools package.
The report indicate the "corrupted executable fi
On 10/08/2014 17:39, Doug Henderson wrote:
Hi cygwin python maintainers and users,
AVG Free detects malware in the gui.exe and gui-32.exe files which
are part of the cygwin 64-bit versions of the python2 and python3
setuptools package.
These files are provided by the python-setuptools packages
Hi cygwin python maintainers and users,
AVG Free detects malware in the gui.exe and gui-32.exe files which
are part of the cygwin 64-bit versions of the python2 and python3
setuptools package.
These files are provided by the python-setuptools packages.
Reinstalling these packages will repair the
Greetings, Wes Kaefer!
> MGW: Heuristic.BehavesLike.Win32.ModifiedUPX.F...
---^
Heuristics. Please open your eyes before posting.
It did not detected anything, it suspected it may have something akin to a
known malware. Check the hash, and it is the same, file a false positive
rep
> the antivirus company.
More so, normal (i.e. modern) antivirus scanners are capable of unpacking UPX
archives since... I really can't remember, most of the scanners I've been
working with were capable of that in '95. May be earlier.
Blatantly marking anything that is packed wit
On Thu, May 15, 2014 at 3:45 PM, Christopher Faylor wrote:
> On Thu, May 15, 2014 at 08:36:29PM +0100, Adam Dinwoodie wrote:
>>On Thu, May 15, 2014 at 12:25:48PM -0700, Wes Kaefer wrote:
>>> I agree, it probably does not have a virus; but it has a virus signature.
>>
>>This is covered in the FAQ at
On Thu, May 15, 2014 at 08:36:29PM +0100, Adam Dinwoodie wrote:
>On Thu, May 15, 2014 at 12:25:48PM -0700, Wes Kaefer wrote:
>> I agree, it probably does not have a virus; but it has a virus signature.
>
>This is covered in the FAQ at http://cygwin.com/faq.html#faq.setup.virus
Thanks for pointing
On Thu, May 15, 2014 at 12:25:48PM -0700, Wes Kaefer wrote:
> I agree, it probably does not have a virus; but it has a virus signature.
This is covered in the FAQ at http://cygwin.com/faq.html#faq.setup.virus
> Is Cygwin Setup, or one of the packages, infected with a virus?
>
> Unlikely. Unless y
On Thu, May 15, 2014 at 12:25:48PM -0700, Wes Kaefer wrote:
>I agree, it probably does not have a virus; but it has a virus signature.
So your virus detection is issuing a false positive. You need to fix that.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http:
I agree, it probably does not have a virus; but it has a virus signature.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
The Malware Detectors are wrong. The program was built on Linux so it
isn't likely that a Windows virus crept in.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:
MGW: Heuristic.BehavesLike.Win32.ModifiedUPX.F...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
James Rome wrote:
Norton flagged regtool.exe and update-mime-database as malware in your
latest distribution.
This is likely a false positive, probably from some heuristic.
http://www.virustotal.com/analisis/1a11984377dcd2c68eb428397c124343e27e8fca3a178c2c405f5f4b775eeaed-1261839312
On Sat, Dec 26, 2009 at 9:50 AM, James Rome wrote:
> Norton flagged regtool.exe and update-mime-database as malware in your
> latest distribution.
>
> --
> James A. Rome
> Consultant
> Oak Ridge National Laboratory
> 865 482-5643
>
>
> --
> Problem reports:
Norton flagged regtool.exe and update-mime-database as malware in your
latest distribution.
--
James A. Rome
Consultant
Oak Ridge National Laboratory
865 482-5643
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http
Linda Walsh wrote:
Besides not being a cygwin util (as others have mentioned), whenever
I see someone posting an unsolicited, out-of-any-context
advertisement (spam) like this, my first thought is that someone is
trying to induce me to install their new "trojan" (or keylogger,
bot-sw, etc).
Of c
Besides not being a cygwin util (as others have mentioned), whenever
I see someone posting an unsolicited, out-of-any-context
advertisement (spam) like this, my first thought is that someone is
trying to induce me to install their new "trojan" (or keylogger,
bot-sw, etc).
Of course if they post t
Fred Ma wrote:
> After some surfing, I haven't found any evidence of malware targetting
> cygwin. I'm considering excluding the massive file tree from scans
> (AV, SpyBot, AdAware). I'd be interested in more experienced opinions
> about this. Thanks.
Thanks for your
Fred Ma wrote:
After some surfing, I haven't found any evidence of malware targetting
cygwin. I'm considering excluding the massive file tree from scans
(AV, SpyBot, AdAware). I'd be interested in more experienced opinions
about this. Thanks.
I'd still be wary of as-yet-
While it's true that not many viruses will target Cygwin directly,
there are some that target folders based on string matching. For
instance, a few years ago my computer at work caught a virus which
apparently tried to spread itself through peer-to-peer file-sharing.
It looked for folders with th
Fred Ma wrote:
Fred Ma wrote:
After some surfing, I haven't found any evidence of malware targetting
cygwin. I'm considering excluding the massive file tree from scans
(AV, SpyBot, AdAware). I'd be interested in more experienced opinions
about this. Thanks.
Larry Hall:
Any
Fred Ma wrote:
Fred Ma wrote:
After some surfing, I haven't found any evidence of malware targetting
cygwin. I'm considering excluding the massive file tree from scans
(AV, SpyBot, AdAware). I'd be interested in more experienced opinions
about this. Thanks.
Larry Hall:
Any
Fred Ma wrote:
After some surfing, I haven't found any evidence of malware targetting
cygwin. I'm considering excluding the massive file tree from scans
(AV, SpyBot, AdAware). I'd be interested in more experienced opinions
about this. Thanks.
Larry Hall:
Any such reports
Fred Ma wrote:
After some surfing, I haven't found any evidence of malware targetting
cygwin. I'm considering excluding the massive file tree from scans
(AV, SpyBot, AdAware). I'd be interested in more experienced opinions
about this. Thanks.
Any such reports on this list i
After some surfing, I haven't found any evidence of malware targetting
cygwin. I'm considering excluding the massive file tree from scans
(AV, SpyBot, AdAware). I'd be interested in more experienced opinions
about this. Thanks.
--
Unsubscribe info: http://cygwin.com/
56 matches
Mail list logo
