This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Possible security problem -- in Python module
- From: marco atzeri <marco dot atzeri at gmail dot com>
- To: cygwin at cygwin dot com
- Date: Mon, 27 Feb 2012 07:34:09 +0100
- Subject: Re: Possible security problem -- in Python module
- Authentication-results: mr.google.com; spf=pass (google.com: domain of marco.atzeri@gmail.com designates 10.68.240.135 as permitted sender) smtp.mail=marco.atzeri@gmail.com; dkim=pass header.i=marco.atzeri@gmail.com
- References: <BAY156-W33C29570B8FCDFF6D64D83C9690@phx.gbl>
On 2/27/2012 6:01 AM, Tom Szczesny wrote:
Sat 2012-02-25 17:39:23.0618 Begin passive write scan (330 file(s))
Sat 2012-02-25 17:39:26.0660 Begin passive write scan (7 file(s))
Sat 2012-02-25 17:39:27.0425 Infection detected: c:\cygwin\lib\python2.6\distutils\command\wininst-9.0.exe [MD5: 0563061137E462BF38717F90488C4504] [3/00080000] [Trojan.Dropper]
Sat 2012-02-25 17:39:27.0425 File blocked in realtime: c:\cygwin\lib\python2.6\distutils\command\wininst-9.0.exe [MD5: 0563061137E462BF38717F90488C4504, Size: 196096 bytes] [524288/00000003] [Trojan.Dropper]
Sat 2012-02-25 17:39:27.0425 Determination flags modified: MD5: 0563061137E462BF38717F90488C4504, Size: 196096 bytes, Flags: 00000020
Sat 2012-02-25 17:39:27.0581 Performing cleanup entry: 1
Sat 2012-02-25 17:39:27.0659 End passive write scan (7 file(s))
Sat 2012-02-25 17:39:29.0921 End passive write scan (330 file(s))
This was detected using "Webroot SecureAnywhere -- Complete".
This may be a false possitive, but I thought I should report it.
--
I will bet on false positive
http://www.viruschief.com/report.html?report_id=923867e00c38395a36f8ed0291bf10b5422a4022
Filename: wininst-9.0.exe
Size (Bytes): 196096
MD5 Hash: 0563061137e462bf38717f90488c4504
Report link:
AntiVirus Engine Version Definition Version Status
Antivir 7.4.0.37 6.39.0.81 Nothing found
ArcaVir 1.0.4 2006.01.27 Nothing found
AVG 7.5.51 269.9.14/883 Nothing found
BitDefender 7.60825 7.60825 Nothing found
VirusBlokAda32 3.12.16.4 2012.02.24 Nothing found
VirusBuster 4.3.23:9 (2007-02-16) 9.86.8/11.0 Nothing found
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple