Archive: InstallDirRegKey malware?
InstallDirRegKey malware?
i've noticed when i compile NSIS installers with InstallDirRegKey in them and scan them with malware scanners ( http://virusscan.jotti.org/ ) im wondering if it's the way im using the command or if it's just always picked up?
I just can tell you NSIS isn't malware or has virus...
There've been a lot of false positives...
no doubt this can be another one.
Originally posted by Joeli for one know nsis isnt malware or a virus, but the people im providing an installer to are all too cautious about things like this, the smallest little thing will set them into a flame war on the forums we post on
I just can tell you NSIS isn't malware or has virus...
There've been a lot of false positives...
no doubt this can be another one.
This is because there is a "NSIS Media Extension" malware/trojan which uses the NSIS name to masquerade. Hopefully AV companies can learn to detect the difference, since the worm is mainly detected via registry key presence.
In my experience there is no single command like InstallDirRegKey what will trigger the virus alarm. So the only really working thing you can do is report these false positives to those AV companies.
Originally posted by pikleyanoAV companies don't detect NSIS installers as virus just because of some malware/trojan is using NSIS in it's name. That would be stupid. They detect NSIS, because some malware/trojans are made with NSIS.
This is because there is a "NSIS Media Extension" malware/trojan which uses the NSIS name to masquerade. Hopefully AV companies can learn to detect the difference, since the worm is mainly detected via registry key presence.