I downlodaed the latest dbForge software from VS (Fusion->Oracle->Check for updates)
the file downloaded is dbforgeoracle36vs10std.exe.
during the installation I got a virus alert from my Symantec Endpoint Protection.
the file infected is:
C:\ProgramData\Devart\dbForge Fusion for Oracle\Visual Studio\Uninstall\is-QMDOI.tmp
here is more details about threat:
http://securityresponse.symantec.com/se ... &vid=23922
I also noticed that some of your setup files are not signed, why is that?
please advice
thank you
virus alert!
Re: virus alert!
This is a known issue of Symantec falsely detecting dbForge as a suspicious software.
We reported this false-positive detection to Symantec earlier.
Currently, we suggest you to disable Symantec while installing dbForge or to add products to Symantec's exception list.
We do confirm that the files downloaded from Registered User's Area or http://www.devart.com/ do not contain any malware, so you can run the files downloaded from the websites with no risk.
We reported this false-positive detection to Symantec earlier.
Currently, we suggest you to disable Symantec while installing dbForge or to add products to Symantec's exception list.
We do confirm that the files downloaded from Registered User's Area or http://www.devart.com/ do not contain any malware, so you can run the files downloaded from the websites with no risk.
Re: virus alert!
Yep, I got it as well. Remove it from quarantine and exclude it. It is being identified because of NIS heuristics. Essentially, because not many NIS users have this file on their system and the file is new, the algorithm assumes it is a virus. I have submitted this as well. Hope Symantec adds it to their white list, because the false positive is kind of annoying.
Re: virus alert!
Hi!
Symantec replied us and confirmed that the misleading virus detection of our tool will be fixed in one of the next update of their software (or their virus database).
Best Regards.
Symantec replied us and confirmed that the misleading virus detection of our tool will be fixed in one of the next update of their software (or their virus database).
Best Regards.
Re: virus alert!
FYI
---------- Forwarded message ----------
From: <[email protected]>
Date: Dec 22, 2014 2:42 AM
Subject: [No Reply] False Positive submission (3691884)
To:
Cc:
In relation to submission [3691884].
Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:
C23FCCC227E6031A2AFD64E82BC4A2A2 - updatesystem.exe
The updated detection(s) will be distributed in the next set of virus definitions, available via LiveUpdate or from our website at http://securityresponse.symantec.com/av ... nload.html
Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.
---------- Forwarded message ----------
From: <[email protected]>
Date: Dec 22, 2014 2:42 AM
Subject: [No Reply] False Positive submission (3691884)
To:
Cc:
In relation to submission [3691884].
Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:
C23FCCC227E6031A2AFD64E82BC4A2A2 - updatesystem.exe
The updated detection(s) will be distributed in the next set of virus definitions, available via LiveUpdate or from our website at http://securityresponse.symantec.com/av ... nload.html
Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.