Bitdefender detecting Rocky Linux ISO file as “Gen:Application.WinexeSvc.1” – False Positive?

Hello all,

Greetings of the day!!

While scanning the Rocky-9.6-x86_64-dvd.iso file with Bitdefender, we received an alert related to:

Gen:Application.WinexeSvc.1

(File path reference inside ISO: AppStream → Packages → samba-winexe-…)

We would like to request your assistance in confirming whether this detection is expected or if it indicates any modification or risk within the ISO file.

For verification, please confirm:

Whether the samba-winexe component is officially included in the Rocky Linux 9.6 ISO.

Whether this alert could be a known false positive from antivirus products.

If any additional checks or actions are recommended from your side.

Sounds like a false positive to me and yes a package of that name does exist:

root@rocky9:~# dnf list *winexe*
Available Packages
samba-winexe.x86_64                                      4.21.3-14.el9_6                                       appstream

BitDefender obviously needs to fix their product. Suggest you report it to them.

Do you, by any chance, have the checksum of the ISO you scanned - and do you know which hashing algorithm you used (e.g., SHA-256, MD5)?

Thank you so much @iwalker, as per your suggestion we will report the same to BitDefender.

Hi @nebraskacoder

Yes, the hashing algorithm is SHA256, and both the bytes and checksum match as well.

Rocky-9.6-x86_64-dvd.iso: 12851544064 bytes

SHA256 (Rocky-9.6-x86_64-dvd.iso) = 8ff2a47e2f3bfe442617fceb7ef289b7b1d2d0502089dbbd505d5368b2b3a90f

Thanks. I was ruling out the ISO coming from a different source.
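
The size-and-checksum comparison discussed in the posts above, as an added example that is not part of the original thread: it parses the two line shapes quoted there and checks a local file against them. The file name `sample.iso` and its contents are constructed stand-ins, and the function names are illustrative.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Line shapes quoted in the post above; a leading "#" on the size line is tolerated.
SIZE_RE = re.compile(r"^(?:#\s*)?(?P<name>[^:]+): (?P<size>\d+) bytes$")
HASH_RE = re.compile(r"^SHA256 \((?P<name>.+)\) = (?P<digest>[0-9a-fA-F]{64})$")


def parse_checksum(text):
    """Return {filename: {"size": int, "sha256": str}} from CHECKSUM-style text."""
    entries = {}
    for line in map(str.strip, text.splitlines()):
        if m := SIZE_RE.match(line):
            entries.setdefault(m["name"], {})["size"] = int(m["size"])
        elif m := HASH_RE.match(line):
            entries.setdefault(m["name"], {})["sha256"] = m["digest"].lower()
    return entries


def verify(path, expected):
    """Check size first (cheap), then stream the file through SHA-256."""
    if "sha256" not in expected:
        return "no sha256 entry"
    if "size" in expected and Path(path).stat().st_size != expected["size"]:
        return "size mismatch"
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return "ok" if digest.hexdigest() == expected["sha256"] else "sha256 mismatch"


def demo():
    """Constructed sample: a small stand-in file, intact and then altered."""
    name, data = "sample.iso", b"constructed stand-in for an ISO image\n" * 1000
    listing = f"# {name}: {len(data)} bytes\nSHA256 ({name}) = {hashlib.sha256(data).hexdigest()}\n"
    expected = parse_checksum(listing)[name]
    with tempfile.TemporaryDirectory() as tmp:
        path = Path(tmp) / name
        path.write_bytes(data)
        intact = verify(path, expected)
        path.write_bytes(b"X" + data[1:])  # same length, first byte changed
        altered = verify(path, expected)
    return intact, altered


if __name__ == "__main__":
    print(demo())
```

A match only shows the file equals whatever the checksum text describes, so the checksum text itself has to come from the distribution's own site rather than from wherever the ISO was downloaded.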

Was the ISO scanned from a Windows device, or from Linux?

If it’s running on Windows and just checking inside the ISO “file by file”, it probably will want to (correctly) warn about this file.