whecats.blogg.se

9 November 2022 - 04:43
Nsis decompiler
Allmänt
Nsis decompiler












nsis decompiler
  1. #NSIS DECOMPILER SOFTWARE#
  2. #NSIS DECOMPILER SERIES#
  3. #NSIS DECOMPILER DOWNLOAD#

I was not aware of it but I'm pleased we shared the same thoughts. UPDATE: well known and respected developer Nirsoft published a similar post years before mine.

#NSIS DECOMPILER SOFTWARE#

I prefer to dedicate my (few) spare time to add features to my software instead of fixing AVs databases )

nsis decompiler

The answer is, sadly again, simple: nothing. Obviously AV vendors don't give any clue to developers on what's wrong with the file marked as suspicious, otherwise bad guys could better hide their (real) malware.īig software companies have time, AV agreements (and lawyers) to avoid their binaries being marked as false positives: that's good because nobody likes a zealous AV mark a system file as dangerous.īut what about small ones like me? What am I supposed to do? What now? Should I send them another (the same) sample again and again? What if another AV jumps in? So far so good, but after some days it got back again as false positive, from the same AV and another one. I've sent a false positive report to them asking the removal and, after a few days, it was removed. It was downloaded thousands of times without any issue then, on June 5, it was marked as suspicious by Baidu antivirus. Let me show a real example: VirtualMIDISynth 1.7.1 was released on May 24, 2016. some others require to have their AV installed and registered to send the false positive through it.each AV vendor has its own procedure to send binary samples.Well, I did it in the past but it was a tedious task with unpredictable results:

nsis decompiler

So should I dedicate part of my (few) spare time to contact AV vendors, send them samples to analyze and wait for them to remove from their databases? I can say it's a false positive, because of my statements below and - also - because 1/55 is a clear indication of something wrong (or really really new )).īut I won't expect people believe me (I wouldn't if I were them). This will also indicate that I'm on the "honest" side.īut what if 1 of the 55 of the AV products featured by VirusTotal (at the time of writing) mark my file as suspicious?

#NSIS DECOMPILER DOWNLOAD#

I use VirusTotal to check my products with more than one AV in a shot that's good because I can publish a link together with the download link to show its safety. That said, what other arguments I have to support the statements above, other that my own word? Sadly, almost none!įalse positives are a plague for small/independent developers like me.

  • I don't like to associate my name to something bad.
  • I don't like malware/adware/badware too.
  • I wrote that software and I've built its setup, so I know what I've put inside it.
    • These detections are false positive because: Unfortunately, it isn't tested for installers with more command line parameters.In the last few weeks some antiviruses detected one of my well-known softwares (VirtualMIDISynth) as malicious. The project extraction recreate the folders "Common" and "PRJ1" on the desktop (just modify the script as needed. There is only a small bit of size increasing, because the files you are using inside the installer will not be added again. This causes all the files in "Common" and in "PRJ1" (even subdirs) to be included in the installer. I simply start my script with these lines: Where PRJ1, PRJ2 are the names of my project (and also the "filename" portion of my installer) I'm using the following directory structure: The backup can be extracted using the "/source" switch in the command line of the installer. nsi script called "AutoBackup" for keeping a backup of the entire project inside the project himself. That leaves one possibilty, the compiled NSI script. I have searched this board and found no false alerts regarding version 1.1g (well none for any version actually!), so its most likely that the 1.19 bootstrap/header is not the cause. Also the packaged files in the intaller (after compression) would not likely cause the false trigger as the virus is detected in both the installer and uninstaller by NOD32.

    #NSIS DECOMPILER SERIES#

    The files inside the package are definately not to blame as they are just a series of text files once installed (and they pass all scans once decompressed). NOD32 Virus scanner (from identifies the virus in both the installer and uninstaller, however Norton Antivirus does not. Some guy reckons that a package put together with NSIS (which was downloaded from a highly-visited site) contains a virus (Win32/DelAll). Heres another situation where it would come in handy:














    Nsis decompiler
    0 kommentar(er)
    Om Mig: