2. NSIS Discussion
  3. virus false positive

Archive: virus false positive


pabs
21st September 2007 08:04 UTC

virus false positive
Just wanted to let everyone know that there is another virus false positive with NSISdl, this time with Trend Micro OfficeScan 7.3:

http://bugs.debian.org/443121

If anyone feels like fixing this, please cluebat Trend Micro.

It would be nice if anti-virus companies could hire competent engineers.

Anyone have any thoughts for fixing these virus false positives for good?

Joel
21st September 2007 15:07 UTC

Change AV software....?
Sounds a thought for me :)

kichik
21st September 2007 15:35 UTC

Wait a minute... Is that a false positive for the Debian version of NSISdl? That's so awesome! Someone wrote a Virus with NSIS on Debian :)

pabs
22nd September 2007 10:16 UTC

Joel: that is always an option, but not a permanent one - almost all av companies seem to block nsis stuff at some point in time.

kichik: I guess so :)

kichik
22nd September 2007 10:19 UTC

They block everything. They have automatic systems that go and block everything that's suspicious. In this case, NSISdl.dll dares to connect to the Internet and download data! Or it was probably used in some kind of virus/malware to download some vicious piece of code that the automatic systems already recognize.

Fork me on GitHub