False Positive: Cygwin

I see some detection in Cygwin packages.

The main site is http://www.cygwin.com/ and additional site is Cygwin Ports

Cygwin is a Unix-like environment running under Windows and is rather big in some circles :slight_smile:

The latest ‘setup.exe’ (installer) is detected as ‘UnclassifiedMalware’

Several Cygwin binaries are also detected as infected.

I believe these to be false positives.

This also makes shadow backups fail as long as Comodo anti-virus is active because shadow copies are detected as infected and there is no Comodo mechanism (that I know of) that may declare shadow copies safe.


Hi rurikc,

We are going to have a look at it and will get back to you after investigation.

Thanks and Regards,

Hi rurikc,

Reported FP has been fixed in DB 4602. Please update and confirm it.