public inbox for cygwin@cygwin.com
* Bitdefender detecting a file from cygwin as a trojan
@ 2021-11-25 19:32 Tyme LaDow
  2021-11-25 20:08 ` Csaba Raduly
  0 siblings, 1 reply; 2+ messages in thread
From: Tyme LaDow @ 2021-11-25 19:32 UTC
  To: cygwin

Hey,

I'm running Windows 10 Pro v. 10.0.19042 build 19042 and I installed cygwin
at least a year ago and haven't touched it since June 2020.  Today,
November 25th, 2021, I got a notification from Bitdefender that it had
detected a trojan and quarantined it.  The threat notification says "Item
was blocked. Threat name: Trojan.GenericKDZ.80660. Path:
C:\cygwin64\bin\dumper.exe."

Searching online gave results from 2014, 2015, and 2018, but nothing within
the timeframe of when I last installed/updated. Is this a false positive,
and is it safe to have Bitdefender restore the file and exclude it?

[-- Attachment #2: cygcheck.out --]
[-- Type: application/octet-stream, Size: 63246 bytes --]


* Re: Bitdefender detecting a file from cygwin as a trojan
  2021-11-25 19:32 Bitdefender detecting a file from cygwin as a trojan Tyme LaDow
@ 2021-11-25 20:08 ` Csaba Raduly
  0 siblings, 0 replies; 2+ messages in thread
From: Csaba Raduly @ 2021-11-25 20:08 UTC
  To: Tyme LaDow; +Cc: cygwin list

Hi,

On Thu, 25 Nov 2021 at 20:33, Tyme LaDow via Cygwin wrote:
>
> Hey,
>
> I'm running Windows 10 Pro v. 10.0.19042 build 19042 and I installed cygwin
> at least a year ago and haven't touched it since June 2020.  Today,
> November 25th, 2021, I got a notification from Bitdefender that it had
> detected a trojan and quarantined it.  The threat notification says "Item
> was blocked. Threat name: Trojan.GenericKDZ.80660. Path:
> C:\cygwin64\bin\dumper.exe."

That is almost certainly a false positive. Restore the file, and
submit it to virustotal.com if you want to be safe.

Perhaps you could try upgrading too.

Csaba
-- 
You can get very substantial performance improvements
by not doing the right thing. - Scott Meyers, An Effective C++11/14 Sampler
So if you're looking for a completely portable, 100% standards-conformant way
to get the wrong information: this is what you want. - Scott Meyers (C++TDaWYK)
