Binary created with NSIS is reported as a virus
Our own Customers report that a binary "xxx.exe" is moved in the virus vault by Norton AV on Windows XP and Vista. I don't no the version of the signaturefile.
The binary does just grant full File Access (Windows ACL) to another File of our own software after installation. It was build with the NSIS-Installationframework (http://nsis.sourceforge.net) with the AccessControll-Plugin.
The codelines in the NSIS-Installerscript, where the xxx.exe is build from, are looking like these one:
AccessControl::GrantOnFile "$4\${ACCESS_DIR}\${ACCESS_FILE}" "(S-1-5-11)" "FullAccess"
The TargetFile is situated in c:\Documents and Settings\All Users\Application Data\ and in c:\Documents and Settings\<user>\Application Data\
My Question: Does Norton AV declare ALL activities granting full Filepermissions as heuristic virus? Is that the reason cause our binary is marked as virus?