Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
faq:ispopfileinfected [2008/09/16 11:00] – Provide a link to the Virus Total site xueshengfaq:ispopfileinfected [2009/11/27 11:23] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== Does POPFile contain a virus/trojan/adware ? ====== ====== Does POPFile contain a virus/trojan/adware ? ======
  
-The Windows installer for POPFile and several of the Windows utilities shipped with POPFile are built using NSIS, the Nullsoft Scriptable Install System. [[http://nsis.sourceforge.net/| NSIS]] was SourceForge "Project of the Month" for January 2006 (POPFile was "Project of the Month" for May 2003). +The Windows installer for POPFile and several of the Windows utilities shipped with POPFile are built using NSIS, the Nullsoft Scriptable Install System. [[http://nsis.sourceforge.net/| NSIS]] was [[http://sourceforge.net/|SourceForge]] "Project of the Month" for January 2006 (POPFile was "Project of the Month" for May 2003). 
  
 Since the beginning of August 2004 several anti-virus packages have been falsely reporting that software built using NSIS contains a trojan, or other form of virus. The following statement appeared on the old NSIS web site but it was not copied to their new Wiki-based web site: Since the beginning of August 2004 several anti-virus packages have been falsely reporting that software built using NSIS contains a trojan, or other form of virus. The following statement appeared on the old NSIS web site but it was not copied to their new Wiki-based web site:
  
-  * We have had several problems with false virus positives during the last weeks. Some anti-virus products incorrectly detect certain NSIS components as being a virus. All false positives seem to be related to the internet downloading plug-ins. +We have had several problems with false virus positives during the last weeks. Some anti-virus products incorrectly detect certain NSIS components as being a virus. All false positives seem to be related to the internet downloading plug-ins.| 
- +|Both %%McAfee%% and Norton have already corrected their virus definitions. If you notice that another product incorrectly detects a virus, please contact the developers of this product. Developers of anti-virus products can also contact the NSIS Development Team for more information.| 
-  * Both McAfee and Norton have already corrected their virus definitions. If you notice that another product incorrectly detects a virus, please contact the developers of this product. Developers of anti-virus products can also contact the NSIS Development Team for more information. +^ SourceA NSIS support forum [[http://forums.winamp.com/showthread.php?postid=1825360#post1825360| message]] from one of the NSIS developers (posted 13 December 2005).^
- +
-  *(Extracted from a [[http://forums.winamp.com/showthread.php?postid=1825360#post1825360| message]] by one of the NSIS developers in the NSIS support forum.)+
  
 Usually an updated set of virus definitions stops the false reports (e.g. Symantec's definitions dated 9 August 2004 detected a trojan in the NSIS "internet downloading" plug-in but their definitions dated 10 August (or later) do not).  Usually an updated set of virus definitions stops the false reports (e.g. Symantec's definitions dated 9 August 2004 detected a trojan in the NSIS "internet downloading" plug-in but their definitions dated 10 August (or later) do not). 
Line 20: Line 18:
   * "Uninstall POPFile" (uninstall.exe)   * "Uninstall POPFile" (uninstall.exe)
  
-However in these four programs this plug-in is not used to access the internet - it is used to shutdown POPFile without using your browser.+However only the last program (uninstall.exe) uses this plug-in to access the internet (to download SSL support or the [[/docs/jp:faq:mecab| MeCab parser]] used to analyze Japanese mail); the other three programs only use that plug-in to shut down POPFile without using your browser.
  
 The following optional Windows utility for POPFile uses the NSIS "internet downloading" plug-in to access the internet: The following optional Windows utility for POPFile uses the NSIS "internet downloading" plug-in to access the internet:
Line 29: Line 27:
  
 If you are still concerned then you can get a second opinion at [[http://www.virustotal.com/]] which will scan a suspect file for you using over 30 different up-to-date anti-virus packages. If you are still concerned then you can get a second opinion at [[http://www.virustotal.com/]] which will scan a suspect file for you using over 30 different up-to-date anti-virus packages.
 +
 +The NSIS wiki has a page about [[http://nsis.sourceforge.net/NSIS_False_Positives| False Positives]] and this includes a [[http://nsis.sourceforge.net/NSIS_False_Positives#Online_Virus_Scanners| list of online virus scanners]]
 +
  
 See also:  See also: 
   * [[FAQ:AntivirusAlarms  | Why is POPFile causing alarms in my antivirus program?]]   * [[FAQ:AntivirusAlarms  | Why is POPFile causing alarms in my antivirus program?]]
  
 
faq/ispopfileinfected.1221562827.txt.gz · Last modified: 2008/09/16 13:00 (external edit)
Old revisions

Should you find anything in the documentation that is incomplete, unclear, outdated or just plain wrong, please let us know and leave a note in the Documentation Forum.

Recent changes RSS feed Donate Driven by DokuWiki
The content of this wiki is protected by the GNU Fee Documentation License