distal-attribute
distal-attribute
distal-attribute
distal-attribute

revision 4706 with virus

samurat2000 posted 10 months ago in General
jobery posted 10 months ago
my antivirus detected it will be happening? unhappy
kalvaro posted 10 months ago
I've just submitted both 32 and 64 bit binaries to VirusTotal and got zero detections out of 53 virus engines, including Avira:

32 bit
64 bit

Assuming you got HeidiSQL from this site, it's possible that it's just a false positive that's already been fixed :-?
kalvaro posted 10 months ago
Oops, sorry, please ignore my post. The on-line engine scanned the site itself, not the files (403 Forbidden).
kalvaro posted 10 months ago
New analysis (downloading files to my computer and uploading to VirusTotal):

32 bit 2/49
64 bit: 0/38
Installer

Only the 32-bit binary seems affected. Still, it feels like a false positive...

kalvaro posted 10 months ago
Installer: 0/49
jobery posted 10 months ago
http://www.heidisql.com/buils/heidisql32,r4706.exe with TR/Spy.ZBot.kre.11
jobery posted 10 months ago
http://www.heidisql.com/buils/heidisql32.r4706.exe with TR/Spy.ZBot.kre.11
ansgar posted 10 months ago
Adrien included a new internal unit in r4706: System.RegularExpressions. That's most probably causing a similarity to the mentioned real virus. I highly guess it's a false positive. But I will talk to Adrien to roll back that commit, so we can see if that's true.
ansgar posted 10 months ago
Yes, it was a false positive. I just reverted r4706 and the 32bit build is fine again: https://www.virustotal.com/en/file/403a2126030c299beedcd3b3309bd025c38d8fe6d7a38fa964bc5f8fd06e3125/analysis/1392270749/

Probably a good thing, as we had two different regular expression libraries in Heidi, reduced to one again now.

Please login to leave a reply, or register at first.