On 2/27/2012 6:01 AM, Tom Szczesny wrote:
Sat 2012-02-25 17:39:23.0618 Begin passive write scan (330 file(s))
Sat 2012-02-25 17:39:26.0660 Begin passive write scan (7 file(s))
Sat 2012-02-25 17:39:27.0425 Infection detected:
c:\cygwin\lib\python2.6\distutils\command\wininst-9.0.exe [MD5:
0563061137E462BF38717F90488C4504] [3/00080000] [Trojan.Dropper]
Sat 2012-02-25 17:39:27.0425 File blocked in realtime:
c:\cygwin\lib\python2.6\distutils\command\wininst-9.0.exe [MD5:
0563061137E462BF38717F90488C4504, Size: 196096 bytes] [524288/00000003]
[Trojan.Dropper]
Sat 2012-02-25 17:39:27.0425 Determination flags modified: MD5:
0563061137E462BF38717F90488C4504, Size: 196096 bytes, Flags: 00000020
Sat 2012-02-25 17:39:27.0581 Performing cleanup entry: 1
Sat 2012-02-25 17:39:27.0659 End passive write scan (7 file(s))
Sat 2012-02-25 17:39:29.0921 End passive write scan (330 file(s))
This was detected using "Webroot SecureAnywhere -- Complete".
This may be a false possitive, but I thought I should report it.
--
I will bet on false positive
http://www.viruschief.com/report.html?report_id=923867e00c38395a36f8ed0291bf10b5422a4022
Filename: wininst-9.0.exe
Size (Bytes): 196096
MD5 Hash: 0563061137e462bf38717f90488c4504
Report link:
AntiVirus Engine Version Definition Version Status
Antivir 7.4.0.37 6.39.0.81 Nothing found
ArcaVir 1.0.4 2006.01.27 Nothing found
AVG 7.5.51 269.9.14/883 Nothing found
BitDefender 7.60825 7.60825 Nothing found
VirusBlokAda32 3.12.16.4 2012.02.24 Nothing found
VirusBuster 4.3.23:9 (2007-02-16) 9.86.8/11.0 Nothing found
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
