The 0.7 window pc msvc binary check as trojan virus

[inevity]

？？
How fix？

[simonsan]

Not reproducible: https://www.virustotal.com/gui/file/a0915b1c568ed0a58e8f5afc400591b690afd6b1a9c66da8c5f1ccaf3d1715e5

[simonsan]

For the fix, some examples:

• the signatures are attached, you can verify that you downloaded the right files
• then it comes down to trust on our infrastructure for the build process, you can review the logs for the 0.7.0 from the build workflow here (for 30 days I think?)
• the code itself is open-source, so you can either trust in that as well, that the code is doing nothing malicious or you have the possibilities to review it yourself/ask someone to review it

[inevity]

The anti-virust software report it as Trojan/Agent.bkq ,so delete the binary.
Maybe fasle report.
I just download from the github release.
I now switch to wsl to use the linux binary.

[simonsan]

This is a generic result due to some heuristic analysis, I assume. A backup tool by itself can be seen by a heuristic analysis as a tool to exfiltrate data. Essentially, your own data to a backup platform. So there is code to iterate over a lot of files, connect to servers outside your own network, compress, encrypt, and transmit data. Give the possibility to make an ssh connection to a server, download 'arbitrary' (looks like that heuristically) data etc.

The only thing you can do is, to report a false-flagging of the binary to your antivirus provider or personal opinion: uninstall your antivirus and use other protection measures to protect your PC than so called “snake-oil”.