Archive: Virus detected in nsis
Virus detected in nsis
Hello, ClamWin flags nsis-2.37-setup.exe as infected by Trojan.PSW.IEPass. However, version 2.38 seems OK for ClamWin.
On the other hand, when I try to pack a program with nsis (both 2.37 and 2.38) Trend Micro OfficeScan flags it as infected by TROJ_ZLOB.EIL.
Has anybody found these problems?
Some more info. I sent both files (nsis-2.37-setup.exe and my program) to a website which analyzes them with several antivirus engines and here are the results:
nsis-2.37
My program
I hope you reported this to the AV makers as well, telling the forum does not get it fixed
False positives are one of the annoyances of releasing software :rolleyes:
If people only would use http://www.virustotal.com/ before complaining...
If people only would use http://www.virustotal.com/ before complaining...If only people read just two posts above before telling other people what the should complain about...
Originally posted by stopaskingThe result clearly shows that your file is clean. Only one/two AV engines out of 33 detected malware. Those are false positives, no doubt. Most likely broken heuristics once gain. If you UPX your file, you'll easily get even more hits. Also my comment was about own personal experiences: I release software using NSIS installers and I get bombed with "Ahhh, there is Virus in your software !!!" mails all the time. I already put a fat warning on the web-site, telling people that they should refer to VirusTotal before sending virus reports, but it seems most people just panic when their anti-virus software detects "Gerneric.Packed" or alike. Unfortunately A/V software developers seem to don't care much about false positives, as long as the affected program is not "big" commercial software...
If only people read just two posts above before telling other people what the should complain about...
The result clearly shows that your file is clean. Only one/two AV engines out of 33 detected malware. Those are false positives, no doubt. Most likely broken heuristics once gain.Agree.
Also my comment was about own personal experiencesok :up:
I release software using NSIS installers and I get bombed with "Ahhh, there is Virus in your software !!!" mails all the time. I already put a fat warning on the web-site, telling people that they should refer to VirusTotal before sending virus reports, but it seems most people just panic when their anti-virus software detects "Gerneric.Packed" or alike.I have the same problem here. I'm releasing this software and it's hard to explain to some not-so-technical people that their AV is wrong.
Unfortunately A/V software developers seem to don't care much about false positives, as long as the affected program is not "big" commercial software...Yes I sent an email to TrendMicro the same day I posted this here and I haven't even got a response yet.
I did the same with Antivir, but no reply until today. Anitivir still claims that a small tool, which I have written myself, is Malware! All this tool does is shutdown my PC and I wrote it for personal usage. Never ever released it. But still I get a Virus popup each time I run my tool. Another observation: Many (but not all) Anti-Virus softwares have strong prejudices against "packed" executable (UPX or Upack), although packing executables is 100% legitimate. Really bizarre...