cancel
Showing results for 
Search instead for 
Did you mean: 

Sybase IQ 16 Install Virus

former_member213365
Active Participant
0 Kudos

I downloaded the file iq1600_nc_win32.zip from the Sybase web site and installed it on Win Vista x32.  Towards the end of the install Norton popped up and indicated that the file dbput16.dll was infected with the virus Suspicious.Cloud.7.EP.

The install download may be old.  I pulled it from the Sybase site since it seems to be a lot faster than the SAP site.

Anybody seen this virus pop up in their installs?

Accepted Solutions (0)

Answers (2)

Answers (2)

markmumy
Advisor
Advisor
0 Kudos

Jim,

I have this same download from the same site and McAfree (our corporate standard) does not flag anything as having a virus on my system either. I've tried the IQ 16 GA client and the SP01 client with the same result.

Of note, though, is the platform.  Our docs say that we support the same platforms as the server.  Vista is not one of those platforms listed.  Windows XP, Windows 2008 and Windows 7 are the only ones listed.

I've installed this on my Windows 7 32-bit system and don't get popups via McAfee.  Could be that Norton sees something that's not there or that the platform is causing the issue.

Mark

former_member213365
Active Participant
0 Kudos

I wouldn't suspect that Vista is the problem.  Norton may be a bit aggressive here and it doesn't seem to indicate that anybody else found the virus in the same install.  But then again Norton didn't find anybody using the same install ("unknown community usage").

I ran the install twice just to make sure and it found that "virus" both times.

dbisql doesn't seem to be affected by the quarantined .dll file.  It runs OK.  But my system is acting funny so it's time for a reboot and a full virus scan.

saroj_bagai
Contributor
0 Kudos

seems related to Norton:

http://answers.yahoo.com/question/index?qid=20130603140536AASRpsk

Hi, that suspicious Cloud indicates that a file is on your system that does not match a known virus definition.  As new virus threats are discovered your Anti-virus is updated with new virus definitions.

  To help protect you against a new undiscovered virus Norton compares the files with it's history by  thousands of other users.  If nothing is known about it but it isn't sure what it is it flags it as suspicious.

  It could be a brand new legitimate application or a brand new virus. Until something is found out about it Norton chooses to protect on the in case.

  An example-Libreoffice came out with a new version.  I chose to update my libreoffice the first few hours it was released.  Norton saw a file it contained and blocked it because no one else had the file of it's many thousand users., it had no known history.  I waited a couple days until it determined it was safe and I was able to download it fine.

http://securityresponse.symantec.com/sec…

http://community.norton.com/t5/Norton-36…

name=Suspicious.Cloud.7.EP&vid=42301

and

http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/suspiciouscloud7ep-s...

If you'll do a search with Bing or Google this alert seems to be limited to Norton users and it appears to possibly be a "false positive" report.

saroj_bagai
Contributor
0 Kudos

did you downloaded it from downloads.sybase.com or sybase.subscribenet.com? Seems very unlikely. We didn't see this issue in inhouse testing. We are investigating and  get back to you.

former_member213365
Active Participant
0 Kudos

It came from sybase.subscribenet.com.  I know that area isn't current but I don't have all day to wait for it to come from the SAP site.