Cygwin setup reporter as malware
Dan Harkless
cygwin-list21@harkless.org
Wed Dec 7 21:54:04 GMT 2022
On 12/7/2022 8:20 AM, Sylwester Rutkowski via Cygwin wrote:Hi,
> The setup-x86_64.exe is reported as malicious at https://www.virustotal.com/gui/file/edd0a64dc65087ffe453ca94b267169b39458a983b29ac31320fcaa983d0f97e/detection
>
> Can this be resolved somehow?
No. It's normal and common for software like Cygwin, which has the
power to be used maliciously (as opposed to, say, a Minesweeper game or
something), to have false positives on VirusTotal for a handful of
vendors. I've never heard of SecureAge or Trapmine (hmm, maybe it
*would* flag Minesweeper...), and I'm pretty well educated in the
anti-malware space, so if it were me, I'd just ignore those false
positives and pay attention to the credible AV software results (and the
Community Score).
If you have some corporate policy requiring things to have 0 detections
on VirusTotal or something, your only recourse is to contact the
SecureAge and Trapmine vendors and convince them somehow to fix their
false positives.
--
Dan Harkless
http://harkless.org/dan/
More information about the Cygwin
mailing list