Hi, since updating Cygwin to the latest version, sshd.exe (running as a Windows service) is being continually flagged by Avast behaviour shield:
One of your programs is behaving strangely, which could be a sign of malware.
Path: D:\Cygwin\usr\sbin\sshd.exe
Infection: IDP.Generic
If you choose the “Ignore” action, the dialogue box will disappear, but will reappear a short time later.
Support info:
Windows Server 2012 R2 Essentials
Cygwin openssh version: 7.5p1-1
Avast program version: 17.2.2517 (build 17.2.3419.64)
Virus definitions version: 170509-4
With thanks in advance,
Rob
I know it seems stupid, but Avast is asking all false positives to be reported here: https://www.avast.com/false-positive-file-form.php
They have acknowledged the Behavior Shield isn’t great, and submitted reports will help fix issues.
Ah, really useful, thanks for your help!
I’ve submitted the file using the form as suggested.
Best regards,
Rob
MikeGnb
September 6, 2023, 8:42am
4
Submitting reports helps fix issues ? This topic is more than 6 years old, I just installed Avast One on a new PC with sshd, and it still tells me “We blocked sshd.exe because the site [sic] is infected with IDP.Generic” !!! Are they serious ?