This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: anybody else also infected


I don't think that faq would have avoided or truncated this thread. It 
seems related, but it is in fact different.

If someone followed the instructions in the faq, they would have had a 
false positive reported on cygz.dll. Whenever the cygz.dll file was 
called (say, by invoking cygcheck), the real-time scanning of NAV popped 
up with "cygz.dll is infected with backdoor.egghead, and has been 
quarantined".

Maybe an addition to that faq needs to be made, that some antivirus 
programs (specifically symantec) have had false positives on cygwin dlls.

Just as an FYI, this same false positive for backdoor.egghead was seen 
on the cygwin1.dll from the 1.3.2-1 distribution.

-Peter

Larry Hall (RFK Partners, Inc) wrote:

> Hm, it seems like this entire thread could have been avoided or at least
> truncated by a simple visit to the FAQ:
> 
> Is setup.exe, or one of the packages, infected with a virus?
> http://cygwin.com/faq/faq_2.html#SEC11
> 
> Larry Hall                              lhall@rfk.com
> RFK Partners, Inc.                      http://www.rfk.com
> 838 Washington Street                   (508) 893-9779 - RFK Office
> Holliston, MA 01746                     (508) 893-9889 - FAX
> 
> 
> At 08:39 AM 2/14/2002, hongxun lee wrote:
> 
>>Sorry for the panic...My bet is all you can do is to update the package zlib
>>...
>>NAV this morning had released its new vir-definition..Thanks
>>
>>----- Original Message -----
>>From: "KAMDAR,NILESH (A-Sonoma,ex1)" <nilesh_kamdar2@agilent.com>
>>To: <lee.1801@osu.edu>
>>Sent: Wednesday, February 13, 2002 10:58 PM
>>Subject: anybody else also infected
>>
>>
>>
>>>Hello  Hongxun Lee,
>>>
>>>(I am not on the mailing list of cygwin so I am emailing directly to you)
>>>
>>>I have the same problem. My cygwin1.dll and cygz.dll file are in
>>>
>>quarantine.
>>
>>>NAV claims that they are infected with the BAckdoor.Egghead virus but I
>>>
>>dont
>>
>>>see any other signs besides the above 2 files. I Think NAV definitions are
>>>wrong!!!!
>>>
>>>I actually have SEVERAL customers who are going to complain about this
>>>tomorrow. So I am trying to find a quick resolution. I have also posted my
>>>question to Symantec.
>>>
>>>I am hoping that Symantec sends out newer update virus definitions which
>>>
>>DO
>>
>>>NOT cause this error.
>>>
>>>Let me know if you get any updates from them.
>>>
>>>Thanks.
>>>--Nilesh Kamdar
>>>
>>>
>>
>>--
>>Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>>Bug reporting:         http://cygwin.com/bugs.html
>>Documentation:         http://cygwin.com/docs.html
>>FAQ:                   http://cygwin.com/faq/
>>
> 
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 
> 


-- 
1 Timothy 4:12 (NIV)- Don't let anyone look down on you because you are 
young, but set an example for the believers
in speech, in life, in love, in faith, and in purity.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]