Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 4 May 2013 06:22:33 -0500
From:      Dave M <dave.nerd@gmail.com>
To:        M Rusli <linuxsecuritymrusli@gmail.com>
Cc:        ports@freebsd.org, tj@freebsd.org, secteam@freebsd.org
Subject:   Re: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus
Message-ID:  <CAPk1mureXe11Ci5aWNyWBQ1BO7yJ9baT=Y0X9XdGAeUkBx9cOA@mail.gmail.com>
In-Reply-To: <CADUSB=wR-VAkSYwHOXvnhPaT48WEePP8L7coTnbijV320=Y0Pw@mail.gmail.com>
References:  <CADUSB=wR-VAkSYwHOXvnhPaT48WEePP8L7coTnbijV320=Y0Pw@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi,

I'm not sure what that file is, but you could verify with that package
owner's upstream that it's good to go.

Keep in mind that the "threat" name is "PUA" (for potentially unwanted
application) and seems to be warning based on the type of packer or
compiler used.  In fact, you probably have the "Scan for PUAs" option
checked in your ClamTk preferences, otherwise this would not have
alerted.

Once the upstream verifies it (hopefully :), please submit the file to
ClamAV (at clamav.net) as a false positive, assuming it is one.

Let me know if I can be of assistance.

thanks,
Dave M

On Sat, May 4, 2013 at 6:04 AM, M Rusli <linuxsecuritymrusli@gmail.com> wrote:
> Hi
>
> I did a full scan on my computer with up-to-date virus of clamtk.
>
> It indicates that the
> /usr/local/lib/python2.7/site-packages/setuptools-0.6c11-py2.7.egg contains
> PUA.Win32.PackerMingwGcc-2 virus.
>
> Can you verify whether this is a PUA virus?
>
> Thank you.
>
> Rusli



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPk1mureXe11Ci5aWNyWBQ1BO7yJ9baT=Y0X9XdGAeUkBx9cOA>