Closed joax01 closed 3 weeks ago
Basically a dup of #85 and various others. u-config is clearly not malware, you can build from source and audit yourself. There's nothing that can be done, this is NOT an issue.
See also the comments on #93 and #100 Third party antivirus is straight "snake oil" and I would recommend uninstalling it, if you are able to.
Regarding avast specifically, it quite literally IS malware. https://www.theverge.com/2024/2/22/24080135/avast-security-privacy-software-ftc-fine-data-harvesting
As @Peter0x44 said, a false positive. Avast is confused, overconfident, and overselling its capabilities (i.e. snakeoil). Note how it doesn't hedge and say that it "might" be infected, but flatly says that it is infected, which is obviously incorrect.
In fact, pkg-config.exe is in the unusual situation in that it's feasible to manually verify the binary. It neither contains nor links runtime code (no CRT). Every byte of code in the binary corresponds to a line in the included pkg-config.c, and can be accounted for. You can also compile a bit-for-bit identical binary using w64devkit itself. The build command is listed in the included Dockerfile (search for "pkg-config.exe"). If you enable debug information (-g) and don't strip (no -s, --gc-sections), the code remains unchanged, but you get the map of code bytes to source lines, i.e. for objdump -dS or addr2line.
I get avast threat in file pkg-config.exe. See picture from screen attached.