From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 5759 invoked by alias); 6 Feb 2010 07:53:46 -0000 Received: (qmail 5749 invoked by uid 22791); 6 Feb 2010 07:53:45 -0000 X-SWARE-Spam-Status: No, hits=-0.8 required=5.0 tests=AWL,BAYES_20,SARE_MSGID_LONG40,SPF_PASS X-Spam-Check-By: sourceware.org Received: from mail-ww0-f43.google.com (HELO mail-ww0-f43.google.com) (74.125.82.43) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sat, 06 Feb 2010 07:53:39 +0000 Received: by wwi17 with SMTP id 17so934854wwi.2 for ; Fri, 05 Feb 2010 23:53:37 -0800 (PST) MIME-Version: 1.0 Received: by 10.216.91.84 with SMTP id g62mr2060876wef.216.1265442815342; Fri, 05 Feb 2010 23:53:35 -0800 (PST) In-Reply-To: <25b6e51f1002052224t13f31ce3n16b899fea5bde84c@mail.gmail.com> References: <25b6e51f1002052224t13f31ce3n16b899fea5bde84c@mail.gmail.com> Date: Sat, 06 Feb 2010 07:53:00 -0000 Message-ID: Subject: Re: Virus in bin/bitmap.exe ? From: Robert Pendell To: The Vulgar and Unprofessional Cygwin-Talk List Content-Type: text/plain; charset=UTF-8 X-IsSubscribed: yes Mailing-List: contact cygwin-talk-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: cygwin-talk-owner@cygwin.com Reply-To: The Vulgar and Unprofessional Cygwin-Talk List Mail-Followup-To: cygwin-talk@cygwin.com X-SW-Source: 2010-q1/txt/msg00033.txt.bz2 On Sat, Feb 6, 2010 at 1:24 AM, Nicolas Gorse wrote: > Hello, > > I am installing the latest version of cygwin, downloaded from > http://mirror.csclub.uwaterloo.ca/cygwin and during the installation, > my anti-virus just reported the following problem: > > Scan type: Auto-Protect Scan > Event: Risk Found! > Security risk detected: Suspicious.MH690 > File: C:\cygwin\bin\bitmap.exe > Location: C:\cygwin\bin > > Scan type: Auto-Protect Scan > Event: Risk Found! > Security risk detected: Suspicious.MH690 > File: C:\cygwin\bin\metaflac.exe > Location: C:\cygwin\bin > > Is this expected?!? > > Regards, > > N. > Norton\Symantec has a poor behavior detection method. Not only that but they refused my offer to submit binaries for their analysis so they could improve it. Even their newest Sonar 2 gives a false detection on cygwin compiled binaries. Robert Pendell shinji@elite-systems.org CAcert Assurer "A perfect world is one of chaos."