setup-x86.exe has virus and is blocked by Malware Detectors
Andrey Repin
anrdaemon@yandex.ru
Mon May 19 22:28:00 GMT 2014
Greetings, Robert Pendell!
>>>> I agree, it probably does not have a virus; but it has a virus signature.
>>>
>>>This is covered in the FAQ at http://cygwin.com/faq.html#faq.setup.virus
>>
>> Thanks for pointing that out. I should have remembered the FAQ.
> It is actually flagging the fact that setup.exe is packed using upx
> since at one point (or maybe still) virus authors had packed their
> binaries with upx in order to try to evade scanners. Upx in itself
> though is not a virus and the false flag should probably be removed by
> the antivirus company.
More so, normal (i.e. modern) antivirus scanners are capable of unpacking UPX
archives since... I really can't remember, most of the scanners I've been
working with were capable of that in '95. May be earlier.
Blatantly marking anything that is packed with UPX as a malware is... telling
us so much about the quality of scanner code and sanity of it's authors.
--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 20.05.2014, <01:24>
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list