clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus

M Rusli linuxsecuritymrusli at gmail.com
Sat May 4 21:41:59 UTC 2013 

Hi Dave,

Thanks!

Clamav scan engine have been updated to 0.97.8.




On Sat, May 4, 2013 at 7:54 PM, Dave M <dave.nerd at gmail.com> wrote:

> Hi,
>
> It's okay to check things with PUA settings - sometimes they really
> are "unwanted" applications.  You did the right thing by asking others
> to verify and submitting it to VT for a second opinion.
>
> Sorry, I have no idea when FreeBSD will upgrade.  It all comes down to
> the FreeBSD maintainer - when they get to it and upload it.  Fedora
> doesn't have it yet either.
>
> respectfully
> dave
>
> On Sat, May 4, 2013 at 6:48 AM, M Rusli <linuxsecuritymrusli at gmail.com>
> wrote:
> > Hi Dave,
> >
> > I did another scan and this time I disable the PUA settings. And clamtk
> did
> > not detect any virus.
> >
> > I did double confirm with virustotal. And it did not detect anything.
> >
> > But when I do a scan again with PUA, it detected as
> > PUA.Win32.PackerMingwGcc-2 virus.
> >
> > By the way, clamav have an updated version of the virus engine to version
> > 0.97.8.
> >
> > Any luck when the new update version will come in for the Freebsd
> version???
> >
> >
> > On Sat, May 4, 2013 at 7:22 PM, Dave M <dave.nerd at gmail.com> wrote:
> >>
> >> Hi,
> >>
> >> I'm not sure what that file is, but you could verify with that package
> >> owner's upstream that it's good to go.
> >>
> >> Keep in mind that the "threat" name is "PUA" (for potentially unwanted
> >> application) and seems to be warning based on the type of packer or
> >> compiler used.  In fact, you probably have the "Scan for PUAs" option
> >> checked in your ClamTk preferences, otherwise this would not have
> >> alerted.
> >>
> >> Once the upstream verifies it (hopefully :), please submit the file to
> >> ClamAV (at clamav.net) as a false positive, assuming it is one.
> >>
> >> Let me know if I can be of assistance.
> >>
> >> thanks,
> >> Dave M
> >>
> >> On Sat, May 4, 2013 at 6:04 AM, M Rusli <linuxsecuritymrusli at gmail.com>
> >> wrote:
> >> > Hi
> >> >
> >> > I did a full scan on my computer with up-to-date virus of clamtk.
> >> >
> >> > It indicates that the
> >> > /usr/local/lib/python2.7/site-packages/setuptools-0.6c11-py2.7.egg
> >> > contains
> >> > PUA.Win32.PackerMingwGcc-2 virus.
> >> >
> >> > Can you verify whether this is a PUA virus?
> >> >
> >> > Thank you.
> >> >
> >> > Rusli
> >
> >
>

More information about the freebsd-ports mailing list