False Positive: Cygwin

I see some detection in Cygwin packages.

The main site is http://www.cygwin.com/ and additional site is Cygwin Ports

Cygwin is a Unix-like environment running under Windows and is rather big in some circles :slight_smile:

The latest ‘setup.exe’ (installer) is detected as ‘UnclassifiedMalware’

Several Cygwin binaries are also detected as infected.

I believe these to be false positives.

This also makes shadow backups fail as long as Comodo anti-virus is active because shadow copies are detected as infected and there is no Comodo mechanism (that I know of) that may declare shadow copies safe.

Regards.

Hi rurikc,

We are going to have a look at it and will get back to you after investigation.

Thanks and Regards,
Leno

Hi rurikc,

Reported FP has been fixed in DB 4602. Please update and confirm it.

Regards,
Haja