Cygwin SSH service continually caught by behaviour shield

[REDACTED]

Hi, since updating Cygwin to the latest version, sshd.exe (running as a Windows service) is being continually flagged by Avast behaviour shield:

One of your programs is behaving strangely, which could be a sign of malware.
Path: D:\Cygwin\usr\sbin\sshd.exe
Infection: IDP.Generic

If you choose the "Ignore" action, the dialogue box will disappear, but will reappear a short time later.

Support info:

• Windows Server 2012 R2 Essentials
• Cygwin openssh version: 7.5p1-1
• Avast program version: 17.2.2517 (build 17.2.3419.64)
• Virus definitions version: 170509-4

With thanks in advance,
Rob

[Manley]

I know it seems stupid, but Avast is asking all false positives to be reported here: https://www.avast.com/false-positive-file-form.php

They have acknowledged the Behavior Shield isn't great, and submitted reports will help fix issues.

[REDACTED]

Ah, really useful, thanks for your help!
I've submitted the file using the form as suggested.

Best regards,
Rob

[Mike Gnb]

Submitting reports helps fix issues ? This topic is more than 6 years old, I just installed Avast One on a new PC with sshd, and it still tells me "We blocked sshd.exe because the site [sic] is infected with IDP.Generic" !!! Are they serious ?