This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: VIRUS: XWin.exe 1.12.0-4 "Bloodhound.Sonar.9"


Greetings, Watts, Simon (UK)!

> Just performed a routine update to cygwin, which resulted in the updated XWin.exe being quarantined due to a virus threat.

> Details:

>         setup.exe version:      2.769
>         source:         http://cygwin.xl-mirror.nl
>         xorg-servers-common version:    1.12.0-4

> Symantec Endpoint Protection reported XWin.exe contained "Bloodhound.Sonar.9"

>         file size:      2828127
>         hash:   157814B5160244D44E469CA9829124DABA14426F3D60E6A22B52E953625CA0B2
>         category:       application heuristic
>         scan type:      SONAR
>         SONAR Risk level:       High
>         SONAR:  High

> Reverting back to 1.12.0-3 from same source does *not* show this issue.

> Could be a false positive?  But AV policy prevents me from running it.

>From the report, it seems like it's AV heuristic backfired.
https://www.virustotal.com/file/157814b5160244d44e469ca9829124daba14426f3d60e6a22b52e953625ca0b2/analysis/


--
WBR,
Andrey Repin (anrdaemon@freemail.ru) 23.04.2012, <14:39>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]