While installing 2024R4, I got this error for Bitdefender:
An attempt was made to execute an infected file on your device.
Threat name: Gen:Variant.Lazy.629205
Path: /Applications/Xojo 2024 Release 4/Xojo.app/Contents/Resources/Internal Plugins/RBREALSQLDatabase.xojo_plugin/RBREALSQLDatabase/Build Resources/Windows/REALSQLDatabase.dll
We have deleted the file to prevent harmful commands from being executed on your device.
I second the VirusTotal online scanner tool that Rick has linked. It’s a great way to check quite a few different providers all at once. Using it can help you identify false positives.
So we got a consensus of several trusted antivirus companies that it is safe, and 4 “Generic assumptions” that it may, or not, be ok. I vote “False positive”.
it would be nice if someone from XOJO could check and validate this as well as we don’t want to spread viruses to our customers with those . Recently i have a friend that complained same thing about Balena Etcher that had similar issues , so either some strange signatures that are in bitdefender db or some real problem there.
The way used to check and validate is what I said and Tim executed. Submit a sample to a multi virus scanner and observe the reports. Dozens of engines said “nothing to see here” and 4 said “I don’t know what this thing is, but it uses API’s that some virus uses too” that “Gen” in the signature name (generic suspicion). When something new arises many of those would flag that file as suspect (heuristic check, it does something suspicious, but it may be just a false alert) over the hours or days the suspicion is analyzed and engines start to whitelist that file. When a lot of engines whitelist it and some don’t, it just shows that that engine has a slow “catch up” of the analysis and shared feedback. It’s not usual being flagged as suspicious for a very few engines and being a real threat. It’s usual being false flagged by few ones. It’s not so usual but happens being flagged by many and over the hours being whitelisted. People just need to contact their antivirus providers and send a sample to them for deeper inspection and they will whitelist it (once proven a false positive) usually before 4 days. A non-zero-day real threat would spread alerts on several of those engines.
I’m glad to see this here.
I attempted to transfer a zipped windows build to a client via dropbox. His system wouldn’t allow it to be downloaded due to a “detected virus”.
Still causes concern in a customer…