Cygwin setup reporter as malware

Dan Harkless cygwin-list21@harkless.org
Wed Dec 7 21:54:04 GMT 2022


On 12/7/2022 8:20 AM, Sylwester Rutkowski via Cygwin wrote:Hi,
> The setup-x86_64.exe is reported as malicious at https://www.virustotal.com/gui/file/edd0a64dc65087ffe453ca94b267169b39458a983b29ac31320fcaa983d0f97e/detection
>
> Can this be resolved somehow?

No.  It's normal and common for software like Cygwin, which has the 
power to be used maliciously (as opposed to, say, a Minesweeper game or 
something), to have false positives on VirusTotal for a handful of 
vendors.  I've never heard of SecureAge or Trapmine (hmm, maybe it 
*would* flag Minesweeper...), and I'm pretty well educated in the 
anti-malware space, so if it were me, I'd just ignore those false 
positives and pay attention to the credible AV software results (and the 
Community Score).

If you have some corporate policy requiring things to have 0 detections 
on VirusTotal or something, your only recourse is to contact the 
SecureAge and Trapmine vendors and convince them somehow to fix their 
false positives.

--
Dan Harkless
http://harkless.org/dan/



More information about the Cygwin mailing list