Archive: NSIS closed by AdAware
NSIS closed by AdAware
When I run NSIS-based installer with the latest version of AdAware, the former is closed by the latter with the following comment:
23.11.2005 2:21:53 - Harmful process discovered(PID:3316)
Object:setup.exe
path:c:\work\Output\
Category:Data Miner
Vendor:BroadCastPC
It is not possible to run an installer with default AdAware options, one should explicitly tune them instead.
It depends on the application you want to install, software, wich uses a NSIS based installer can contain spyware, this is not a NSIS issue.
Also searching the forum will give you clues about some false-postives :)
Originally posted by KoopatrooperHeh, it is mine own installer and it is completely free from adware. It was OK before I have downloaded the latest reference AdAware file.
It depends on the application you want to install, software, wich uses a NSIS based installer can contain spyware, this is not a NSIS issue.
Have you reported this to Ad-Aware? If they need any details, feel free to give them my e-mail address.
False positives in general
I hadn't a false positive problem yet (or didn't here about this). But I'm somewhat concerned about my software possible failing at customers due to bad virus scanners etc.
My concerns are more about NSIS than my software because my software will less likely be detected as virus. There were quite some NSIS "dangers" in the past mentioned in this forum.
Is there anything we can do to improve this? I would be glad if I could give my installer to McAfee and Co to add it to their "good" pool (or at least to some "should be good" pool where positives will make them ask questions). As my software and NSIS are often updated this should be more than a one-time action and I personally would like to automate it. I guess there are somewhat more practical or "political" problems (they probably want to be sure that there "good" pool does just contain clean software).
@kichik: Do you have any good contacts there? Maybe we can build a list of (professional) software authors and companies using NSIS so we can get some attention.
It is possible to get an anti-virus company to put NSIS in the "should be good" list. I've managed to get AVG to do this after the third time I've contacted them about a false positive. On the other hand, there are companies like Kaspersky that already scan inside NSIS installers, and so probably don't have this kind of false alarms. Panda is also working on a NSIS scanner.
The big problems is that there are so many companies that create anti-something products. It's one of the biggest trends lately... More malware pops-up, so more anti-something is being created in return.