 |
 | MySQL-essential-5.0.51b-win32.msi - Trojan? |  |
|
sighkick
|
|
7th July 00:30 NZST [GMT +12]
Server Win2K3 OS and for some reason Clamwin 0.93.1 has decided to Quarantine mysql-essential-5.0.51b-win32.msi [23,258Kb] which had been sitting quite happily in my Software folder for months. Will upload this file if a good upload link is provided i.e. one that works. Trojan.Banload.ARQ was the report. Is this another False Positive? Thank God that it hasn't messed with my install of MySQL! p.s. Clamwin-0.93-setup.exe was moved to Quarantine on the 14th June supposedly carrying Adware.SpyBurner. Comments please. |
|||||||||||
|
|||||||||||||
 |
| |
|
alch
Site Admin
|
|
Adware.SpyBurner in clamwin setup was discussed here a number of times, one of the search results:
http://forums.clamwin.com/viewtopic.php?t=1808&highlight=adware+spyburner you may try scanning mysql setup at http://www.virustotal.com |
|||||||||||
|
|||||||||||||
|
| |
|
sighkick
|
|
Thank you for your reply alch
I mentioned Adware.SpyBurner as a throw-away observation having already read the forum and discovered that it was a FALSE + My question is regarding MySQL-essential-5.0.51b-win32.msi which I know is safe because Norton Corporate AV, a-squared, AVG Anti-Spyware and Boclean had not marked as a trojan [just scanned again, nil found] I mentioned this apparent additional False Positive in the hope that the people responsible for the signature file updates could double check this one themselves. Just noticed that MySQLInstanceConfig.exe has also just been quarantined along with MySQL-essential-5.0.51b-win32.msi |
|||||||||||
|
|||||||||||||
|
| |
|
pedro_fp_simoes
|
|
I have the same problem with an XP pro + WAMP
C:\wamp\bin\mysql\mysql5.0.51b\bin\MySQLInstanceConfig.exe: Trojan.Banload.ARQ FOUND ----------- SCAN SUMMARY ----------- Known viruses: 341058 Engine version: 0.93.1 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 1.00 MB Time: 24.578 sec (0 m 24 s) -------------------------------------- Completed --------------------------------------  |
|||||||||||
|
|||||||||||||
|
| |
|
sighkick
|
|
Hi there Pedro
Both these files had been moved to Quarantine and MySQL seems to still be working properly, I thought they were both original installation files. Your post had me worried that MySQL may stop working since the MySQLInstanceConfig.exe seems to have come from the installed \bin directory. I have now set ClamWin to simply report any potential virus or trojan, not to move the files. Has your MySQL been affected at all? |
|||||||||||
|
|||||||||||||
|
| |
|
alch
Site Admin
|
|
could you please submit MySQLInstanceConfig.exe using this online form http://cgi.clamav.net/sendvirus.cgi ?
Just before sending it please download the latest virus database and check if the false positive hasn't already been removed. Thanks, Alch |
|||||||||||
|
|||||||||||||
|
| |
|
sighkick
|
|
alch
It seems that the latest Update a few hours back has solved the problem with the False +'ves as mentioned above. The scan took forever, hence the delay in posting this. Someone is obviously proactive and 'on the ball' - thanks. Dave (NZ) |
|||||||||||
|
|||||||||||||
|
 | MySQL-essential-5.0.51b-win32.msi - Trojan? | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.