From: SourceForge.net <no...@so...> - 2005-04-28 17:43:31
|
Bugs item #1161763, was opened at 2005-03-12 02:22 Message generated for change (Comment added) made by kichik You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=373085&aid=1161763&group_id=22049 Category: General Group: 2.0 Series Status: Open Resolution: None Priority: 5 Submitted By: wraith808 (wraith808) Assigned to: Amir Szekely (kichik) Summary: MS Anti-spyware sees NSIS as spyware Initial Comment: Microsoft anti-spyware detects (C:\Program Files\NSIS\Plugins\nsisdl.dll) as spyware. My client is understandably a bit concerned, as this would be flagged on their clients' machines. Any indication why this is happening? I'm using NSIS 2.0 ---------------------------------------------------------------------- >Comment By: Amir Szekely (kichik) Date: 2005-04-28 20:43 Message: Logged In: YES user_id=584402 I've filled in the form and got the following reply: "We believe that this issue relating to NSISdl plug-in has now been corrected. The signature library for Windows AntiSpyware (Beta) will be updated shortly to reflect this change." Please let me know if it's still falsely identified in a couple of days. ---------------------------------------------------------------------- Comment By: wraith808 (wraith808) Date: 2005-04-22 18:35 Message: Logged In: YES user_id=1170629 Sorry- I sent an e-mail not thinking that I needed to come back here to respond. 1. Nsisdl does not have any version information attached, but I am indeed using 2.0. 2. The details of the detection are below: Detected Threats Unclassified.Spyware.43 Spyware more information... Status: Ignored High threat - High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May us a security flaw in the operating system to gain access to your computer. Infected files detected C:\Program Files\NSIS\Plugins\nsisdl.dll 3. The spyware definitions version is 5701 (4/6/2005 3:27:11 PM) ---------------------------------------------------------------------- Comment By: Amir Szekely (kichik) Date: 2005-04-22 18:10 Message: Logged In: YES user_id=584402 Closed due to lack of interest of bug poster. If you have anything to add you can still do it, just reply here. Closing a bug report only means it doesn't show on the main page as an open bug, an existing bug. ---------------------------------------------------------------------- Comment By: Amir Szekely (kichik) Date: 2005-04-08 16:44 Message: Logged In: YES user_id=584402 Did they fix this already? If not, can you please fill me in on the missing details so I can submit the report? ---------------------------------------------------------------------- Comment By: Amir Szekely (kichik) Date: 2005-03-12 18:12 Message: Logged In: YES user_id=584402 I've found this web form for reporting false positives: http://www.spynet.com/falsepositive.aspx However, it requires some details that are missing - definition files version, name of identify threat and the exact version of NSIS used. nsisdl.dll is different between 2.0 and other versions. Are you really using 2.0? It's over a year old. Please fill me in on these details so I can submit a report. ---------------------------------------------------------------------- Comment By: wraith808 (wraith808) Date: 2005-03-12 16:40 Message: Logged In: YES user_id=1170629 The user is using the latest definition files, and I attempted it and received the same error. Thanks for the link- that helps a lot! ---------------------------------------------------------------------- Comment By: Amir Szekely (kichik) Date: 2005-03-12 12:52 Message: Logged In: YES user_id=584402 Is you user using the latest definition files for Microsoft AntiSpyware? If he is, I'll contact Microsoft about their mistake. For more information see: http://forums.winamp.com/showthread.php?s=&threadid=189414&highlight=nsisdl+trojan ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=373085&aid=1161763&group_id=22049 |