sshd.exe infected with IDP.Generic?
Brian Inglis
Brian.Inglis@SystematicSw.ab.ca
Fri Jul 10 20:37:19 GMT 2020
On 2020-07-10 13:59, Marco Atzeri via Cygwin wrote:
> On 10.07.2020 21:01, Ernie Rael wrote:
>> On Win7. To get an elevated shell, I typically do "$ ssh xxx@yyy". And not
>> very often.
>> Below is an excerpt of something potentially horrible that just happened.
>> Note the
>> rm *
>> I exited the shell. I did the "ssh..." again (yeah I'm crazy), in a different
>> bash window. And this time avast reported that it stashed sshd.exe into the
>> virus chest.
> check on a online virus scan.
> I will bet in a false positive
IDP.Generic is just a generic *warning* from an identity detection protection
scanner that a flakey AV detects privileged software contains some instructions
or does something that it recognizes as similar to some identity theft malware.
$ sha256sum /usr/sbin/sshd.exe
e666018d4a22b5424385d3752b0a2718a3525e68cf1b448d4f7037bfa40c77eb */usr/sbin/sshd.exe
https://www.virustotal.com/gui/file/e666018d4a22b5424385d3752b0a2718a3525e68cf1b448d4f7037bfa40c77eb/detection
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in IEC units and prefixes, physical quantities in SI.]
More information about the Cygwin
mailing list