* Re: cygwin Digest 25 Jun 2018 00:46:06 -0000 Issue 10882 - virus alert
@ 2018-06-30 17:14 Richard Watt
2018-06-30 19:10 ` David Stacey
0 siblings, 1 reply; 3+ messages in thread
From: Richard Watt @ 2018-06-30 17:14 UTC (permalink / raw)
To: cygwin
Hi,
Did anyone else get a virus warning from the cygwin Digest 25 Jun 2018
00:46:06 -0000 Issue 10882?
I'm using avast! antivirus on Windows 7 SP1 64-bit and it flagged up
detecting a "Win32:Malware-gen" threat, but a Google Search reveals a
MalwareBytes forum thread saying that this is a false positive (and
there's nothing quarantined) either.
Best regards,
--
Richard Watt
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: cygwin Digest 25 Jun 2018 00:46:06 -0000 Issue 10882 - virus alert
2018-06-30 17:14 cygwin Digest 25 Jun 2018 00:46:06 -0000 Issue 10882 - virus alert Richard Watt
@ 2018-06-30 19:10 ` David Stacey
2018-06-30 20:47 ` Brian Inglis
0 siblings, 1 reply; 3+ messages in thread
From: David Stacey @ 2018-06-30 19:10 UTC (permalink / raw)
To: cygwin
On 30/06/18 13:19, Richard Watt wrote:
> Did anyone else get a virus warning from the cygwin Digest 25 Jun 2018
> 00:46:06 -0000 Issue 10882?
It's an unsolicited invoice from someone you've never heard of. Of
course it's malware :-)
It's an attachment to this post [1], compressed with gzip. The
compressed version passes through VirusTotal cleanly. If you unpack the
file, though, you discover that it isn't a PDF at all (surprise,
surprise) but a .NET executable. And quite a few anti-virus tools flag
it as something unpleasant [2].
Dave.
[1] - https://cygwin.com/ml/cygwin/2018-06/msg00264.html
[2] -
https://www.virustotal.com/#/file/06c5c0701c5702dbe126ca2918e3ffdec8337f2a98b80939fdd0518e44fbffa6/detection
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: cygwin Digest 25 Jun 2018 00:46:06 -0000 Issue 10882 - virus alert
2018-06-30 19:10 ` David Stacey
@ 2018-06-30 20:47 ` Brian Inglis
0 siblings, 0 replies; 3+ messages in thread
From: Brian Inglis @ 2018-06-30 20:47 UTC (permalink / raw)
To: cygwin
On 2018-06-30 10:09, David Stacey wrote:
> On 30/06/18 13:19, Richard Watt wrote:
>> Did anyone else get a virus warning from the cygwin Digest 25 Jun 2018
>> 00:46:06 -0000 Issue 10882?
> It's an unsolicited invoice from someone you've never heard of. Of course it's
> malware :-)
> It's an attachment to this post [1], compressed with gzip. The compressed
> version passes through VirusTotal cleanly. If you unpack the file, though, you
> discover that it isn't a PDF at all (surprise, surprise) but a .NET executable.
> And quite a few anti-virus tools flag it as something unpleasant [2].
I get sourceware ezmlm bounce warnings, when my domain mail forwarder bounces
mail with malware, and I don't see most of the spam, as my personal ISP account
filter is configured to dump spam instead of flagging it.
I don't see a few announce posts, as some appear to get dumped by my ISP as
spam, and my mail client puts some other posts into my Junk folder.
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-06-30 17:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-30 17:14 cygwin Digest 25 Jun 2018 00:46:06 -0000 Issue 10882 - virus alert Richard Watt
2018-06-30 19:10 ` David Stacey
2018-06-30 20:47 ` Brian Inglis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).