parasoul
29th August 2007 02:12 UTC

Type_Win32 Kaspersky and F-Secure
Hello.

I noticed my project was being detected by Kaspersky and F-Secure.. I further narrowed it down to what it was detecting as a false-positive, and I learned that it was because I had 1) Added a file to my project and 2) executing that file after InstSuccess

Does anyone know a way to make false-positives go away?

parasoul
29th August 2007 02:35 UTC

OK this is getting a bit ridiculous..

I just made a project that only extracted two files to a random dir and it picked it up as Type_Win32

Someone please inform them of this -- I would but I'm not sure how :/

Wizou
30th August 2007 14:57 UTC

These kind of false positive happened to me sometimes

Update to a more recent NSIS was the solution for me

parasoul
30th August 2007 16:22 UTC

Yeah, I just got the newest NSIS and I'm still getting heuristic detections

this is the script

Name "MOH:A Optimizer"

OutFile "MOHA.exe".

Section
File configs.exe
SetOutPath $PROGRAMFILES\myapp
SectionEnd

Section
File opy.exe
SetOutPath $PROGRAMFILES\myapp
SectionEnd

It's half-assed, but i'm just showing it as an example

Anyone have any ideas?

Anders
30th August 2007 18:54 UTC

newvirus@kaspersky.com
Subject should be false positive, zip the file and password protect it and include the password in the e-mail