distal-attribute
distal-attribute
distal-attribute
distal-attribute

revision 4706 with virus

samurat2000 posted 9 months ago in General
jobery posted 9 months ago
my antivirus detected it will be happening? unhappy
kalvaro posted 9 months ago
I've just submitted both 32 and 64 bit binaries to VirusTotal and got zero detections out of 53 virus engines, including Avira:

32 bit
64 bit

Assuming you got HeidiSQL from this site, it's possible that it's just a false positive that's already been fixed :-?
kalvaro posted 9 months ago
Oops, sorry, please ignore my post. The on-line engine scanned the site itself, not the files (403 Forbidden).
kalvaro posted 9 months ago
New analysis (downloading files to my computer and uploading to VirusTotal):

32 bit 2/49
64 bit: 0/38
Installer

Only the 32-bit binary seems affected. Still, it feels like a false positive...

kalvaro posted 9 months ago
Installer: 0/49
jobery posted 9 months ago
http://www.heidisql.com/buils/heidisql32,r4706.exe with TR/Spy.ZBot.kre.11
jobery posted 9 months ago
http://www.heidisql.com/buils/heidisql32.r4706.exe with TR/Spy.ZBot.kre.11
ansgar posted 9 months ago
Adrien included a new internal unit in r4706: System.RegularExpressions. That's most probably causing a similarity to the mentioned real virus. I highly guess it's a false positive. But I will talk to Adrien to roll back that commit, so we can see if that's true.
ansgar posted 9 months ago
Yes, it was a false positive. I just reverted r4706 and the 32bit build is fine again: https://www.virustotal.com/en/file/403a2126030c299beedcd3b3309bd025c38d8fe6d7a38fa964bc5f8fd06e3125/analysis/1392270749/

Probably a good thing, as we had two different regular expression libraries in Heidi, reduced to one again now.

Please login to leave a reply, or register at first.