Dan Harkless via Cygwin wrote:
On 12/9/2022 3:39 AM, Oskar Skog via Cygwin wrote:
On 2022-12-07 23:54, Dan Harkless via Cygwin wrote:
> No. It's normal and common for software like Cygwin, which has the
> power to be used maliciously (as opposed to, say, a Minesweeper
game or > something), to have false positives on VirusTotal for a
handful of > vendors. I've never heard of SecureAge or Trapmine
(hmm, maybe it > *would* flag Minesweeper...), and I'm pretty well
educated in the > anti-malware space, so if it were me, I'd just
ignore those false > positives and pay attention to the credible AV
software results (and the > Community Score).
You may have thought you were joking, but...
https://www.virustotal.com/gui/file/bcff89311d792f6428468e813ac6929a346a979f907071c302f418d128eaaf41
This is not just *a* minesweeper game, it is *the* minesweeper game
from Window XP.
LOL! You're right, I'd never heard about that, and was just using
Minesweeper as an obviously safe example program. And whaddaya know,
it's SecureAge and Trapmine (oy!) that "flag" it. I guess the lesson
is to always ignore SecureAge and Trapmine results on VirusTotal, and
the OP should suggest VirusTotal drop those two from their AV software
suite.
Thanks for the amusing link, Oskar.
Amusing, indeed.
This was less amusing: After I released this file Dec 30, 2018, it
scored 7/67 and then 13/70 a few hours later, including well-known AV
vendors:
https://www.virustotal.com/gui/file/bf0416c2e214c6323fdf1af8b853f761c846760f02950453c8a5bb276c961fbe
After FP reports to several vendors, it slowly dropped down to 1-2
detections until March 2019.
Experience since then suggests that some noise of ~2 detections from not
well-known AV is normal.
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
