This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: setup-x86.exe has virus and is blocked by Malware Detectors

Greetings, Robert Pendell!

>>>> I agree, it probably does not have a virus; but it has a virus signature.
>>>This is covered in the FAQ at
>> Thanks for pointing that out.  I should have remembered the FAQ.

> It is actually flagging the fact that setup.exe is packed using upx
> since at one point (or maybe still) virus authors had packed their
> binaries with upx in order to try to evade scanners.  Upx in itself
> though is not a virus and the false flag should probably be removed by
> the antivirus company.

More so, normal (i.e. modern) antivirus scanners are capable of unpacking UPX
archives since... I really can't remember, most of the scanners I've been
working with were capable of that in '95. May be earlier.
Blatantly marking anything that is packed with UPX as a malware is... telling
us so much about the quality of scanner code and sanity of it's authors.

Andrey Repin ( 20.05.2014, <01:24>

Sorry for my terrible english...

Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]