Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
faq:ispopfileinfected [2008/02/08 18:49] – external edit 127.0.0.1faq:ispopfileinfected [2009/11/27 11:23] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== Does POPFile contain a virus/trojan/adware ? ====== ====== Does POPFile contain a virus/trojan/adware ? ======
  
-The Windows installer for POPFile and several of the Windows utilities shipped with POPFile are built using NSIS, the Nullsoft Scriptable Install System. [[http://nsis.sourceforge.net/| NSIS]] was SourceForge "Project of the Month" for January 2006 (POPFile was "Project of the Month" for May 2003). +The Windows installer for POPFile and several of the Windows utilities shipped with POPFile are built using NSIS, the Nullsoft Scriptable Install System. [[http://nsis.sourceforge.net/| NSIS]] was [[http://sourceforge.net/|SourceForge]] "Project of the Month" for January 2006 (POPFile was "Project of the Month" for May 2003). 
  
 Since the beginning of August 2004 several anti-virus packages have been falsely reporting that software built using NSIS contains a trojan, or other form of virus. The following statement appeared on the old NSIS web site but it was not copied to their new Wiki-based web site: Since the beginning of August 2004 several anti-virus packages have been falsely reporting that software built using NSIS contains a trojan, or other form of virus. The following statement appeared on the old NSIS web site but it was not copied to their new Wiki-based web site:
  
-  * We have had several problems with false virus positives during the last weeks. Some anti-virus products incorrectly detect certain NSIS components as being a virus. All false positives seem to be related to the internet downloading plug-ins. +We have had several problems with false virus positives during the last weeks. Some anti-virus products incorrectly detect certain NSIS components as being a virus. All false positives seem to be related to the internet downloading plug-ins.| 
- +|Both %%McAfee%% and Norton have already corrected their virus definitions. If you notice that another product incorrectly detects a virus, please contact the developers of this product. Developers of anti-virus products can also contact the NSIS Development Team for more information.| 
-  * Both McAfee and Norton have already corrected their virus definitions. If you notice that another product incorrectly detects a virus, please contact the developers of this product. Developers of anti-virus products can also contact the NSIS Development Team for more information. +^ SourceA NSIS support forum [[http://forums.winamp.com/showthread.php?postid=1825360#post1825360| message]] from one of the NSIS developers (posted 13 December 2005).^
- +
-  *(Extracted from a [[http://forums.winamp.com/showthread.php?postid=1825360#post1825360| message]] by one of the NSIS developers in the NSIS support forum.)+
  
 Usually an updated set of virus definitions stops the false reports (e.g. Symantec's definitions dated 9 August 2004 detected a trojan in the NSIS "internet downloading" plug-in but their definitions dated 10 August (or later) do not).  Usually an updated set of virus definitions stops the false reports (e.g. Symantec's definitions dated 9 August 2004 detected a trojan in the NSIS "internet downloading" plug-in but their definitions dated 10 August (or later) do not). 
Line 20: Line 18:
   * "Uninstall POPFile" (uninstall.exe)   * "Uninstall POPFile" (uninstall.exe)
  
-However in these four programs this plug-in is not used to access the internet - it is used to shutdown POPFile without using your browser.+However only the last program (uninstall.exe) uses this plug-in to access the internet (to download SSL support or the [[/docs/jp:faq:mecab| MeCab parser]] used to analyze Japanese mail); the other three programs only use that plug-in to shut down POPFile without using your browser.
  
 The following optional Windows utility for POPFile uses the NSIS "internet downloading" plug-in to access the internet: The following optional Windows utility for POPFile uses the NSIS "internet downloading" plug-in to access the internet:
Line 27: Line 25:
  
 The addssl.exe program downloads some SSL components from the University of Winnipeg repository (these files are required to allow POPFile to use SSL connections to mail servers). The addssl.exe program downloads some SSL components from the University of Winnipeg repository (these files are required to allow POPFile to use SSL connections to mail servers).
 +
 +If you are still concerned then you can get a second opinion at [[http://www.virustotal.com/]] which will scan a suspect file for you using over 30 different up-to-date anti-virus packages.
 +
 +The NSIS wiki has a page about [[http://nsis.sourceforge.net/NSIS_False_Positives| False Positives]] and this includes a [[http://nsis.sourceforge.net/NSIS_False_Positives#Online_Virus_Scanners| list of online virus scanners]]
 +
  
 See also:  See also: 
   * [[FAQ:AntivirusAlarms  | Why is POPFile causing alarms in my antivirus program?]]   * [[FAQ:AntivirusAlarms  | Why is POPFile causing alarms in my antivirus program?]]
  
 
faq/ispopfileinfected.1202496561.txt.gz · Last modified: 2008/09/16 13:00 (external edit)
Old revisions

Should you find anything in the documentation that is incomplete, unclear, outdated or just plain wrong, please let us know and leave a note in the Documentation Forum.

Recent changes RSS feed Donate Driven by DokuWiki
The content of this wiki is protected by the GNU Fee Documentation License