Re: PostgreSQL\12\bin\pg_ctl.exe - Trojan detected - Mailing list pgsql-bugs

From Andres Freund
Subject Re: PostgreSQL\12\bin\pg_ctl.exe - Trojan detected
Date
Msg-id 2B803319-D7B2-4B78-8345-3928CB9494C8@anarazel.de
Whole thread Raw
In response to Re: PostgreSQL\12\bin\pg_ctl.exe - Trojan detected  (Magnus Hagander <magnus@hagander.net>)
List pgsql-bugs
Hi,

On December 22, 2019 10:38:57 AM EST, Magnus Hagander <magnus@hagander.net> wrote:
>On Sun, Dec 22, 2019 at 4:26 PM Manoj Agrawal
><manoj.agrawal@hotmail.com>
>wrote:
>
>> Dear PostgreSQL Team,
>>
>> I am a regular ordinary user of your application.
>> I apologies for not following your bug and security template. I
>suppose
>> this will be OK with you.
>>
>> Kindly look at this screen from Windows 10 machine.
>>
>> I have downloaded "postgresql-12.1-3-windows-x64.exe" from your
>website
>> and during installation it is reporting Malware in one of your
>executable.
>>
>
>
>Exactly which URL did you download it from? And please provide a
>checksum
>(md5, sha1 or similar) of the file downloaded to your system.
>
>
>
>>
>> *PostgreSQL\12\bin\pg_ctl.exe*
>>
>> *Threat detected: Trojan:Win32/Detplock *
>>
>> *Alert level: Severe *
>>
>> *Date: 22-12-2019 07:32 PM *
>>
>> *Category: Trojan *
>>
>> *Details: This program is dangerous and executes commands from an
>> attacker. *
>>
>> I need you to look into this on priority basis. As I am stuck-up
>>
>
>Hi!
>
>Can you please take the file from your system and upload it to
>https://www.virustotal.com/gui/home/upload, and let us know what the
>detection there says?  It also gives you a link to the finished
>analysis,
>so please post the link to that one as well.

Fwiw, there's a note on MS's page about recent false positives for this"virus":
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Detplock
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.



pgsql-bugs by date:

Previous
From: Magnus Hagander
Date:
Subject: Re: PostgreSQL\12\bin\pg_ctl.exe - Trojan detected
Next
From: Manoj Agrawal
Date:
Subject: Re: PostgreSQL\12\bin\pg_ctl.exe - Trojan detected