Date: Sat, 4 May 2013 06:22:33 -0500 From: Dave M <dave.nerd@gmail.com> To: M Rusli <linuxsecuritymrusli@gmail.com> Cc: ports@freebsd.org, tj@freebsd.org, secteam@freebsd.org Subject: Re: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus Message-ID: <CAPk1mureXe11Ci5aWNyWBQ1BO7yJ9baT=Y0X9XdGAeUkBx9cOA@mail.gmail.com> In-Reply-To: <CADUSB=wR-VAkSYwHOXvnhPaT48WEePP8L7coTnbijV320=Y0Pw@mail.gmail.com> References: <CADUSB=wR-VAkSYwHOXvnhPaT48WEePP8L7coTnbijV320=Y0Pw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I'm not sure what that file is, but you could verify with that package owner's upstream that it's good to go. Keep in mind that the "threat" name is "PUA" (for potentially unwanted application) and seems to be warning based on the type of packer or compiler used. In fact, you probably have the "Scan for PUAs" option checked in your ClamTk preferences, otherwise this would not have alerted. Once the upstream verifies it (hopefully :), please submit the file to ClamAV (at clamav.net) as a false positive, assuming it is one. Let me know if I can be of assistance. thanks, Dave M On Sat, May 4, 2013 at 6:04 AM, M Rusli <linuxsecuritymrusli@gmail.com> wrote: > Hi > > I did a full scan on my computer with up-to-date virus of clamtk. > > It indicates that the > /usr/local/lib/python2.7/site-packages/setuptools-0.6c11-py2.7.egg contains > PUA.Win32.PackerMingwGcc-2 virus. > > Can you verify whether this is a PUA virus? > > Thank you. > > Rusli
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPk1mureXe11Ci5aWNyWBQ1BO7yJ9baT=Y0X9XdGAeUkBx9cOA>