sixth time tried to post this, keep being blocked.
XP, SP3, 32bit, SSE2
using PortableApps.com Installer 3.1 keep getting same 3 warnings at virustotal
using PortableApps.com Installer 3.0.20 don't get errors
same happens making installers from some of the recent PAc App releases
added:
since this went through see if can add some detail, files tried:
Made a GPG 1.4.20 plugin and when check with VirusTotal get warnings:
Bkav = HW32.Packed.F972
McAfee-GW-Edition = BehavesLike.Win32.Dropper.tc
Qihoo-360 = HEUR/QVM20.1.Malware.Gen
PAcInstaller 3.1 warnings, redo with PAcInstaller 3.0.20 no warning
redo installers for:
gpg4usbPortable_0.3.3-2.paf.exe
7-ZipPortable_15.14.paf.exe
PWGenPortable_2.7.0.paf.exe
and get warnings
WinScan2PDFPortable_3.08_Dev_Test_1.paf.exe had warnings, redo with PAcInstaller 3.0.20 no warning
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
Here is the current scan at VirusTotal: https://www.virustotal.com/en/file/99cd4214a68090876fa5ef645fb89d7f5ecc5...
There are two false positives: McAfee-GW-Edition and Rising. For the unfamiliar, Rising is a small antivirus in China that appears to be shutting down all non-Chinese operations, possibly going out of business. False positive reports have been submitted to both.
You'll find many Windows installers will have these issues as they switch to NSIS3 to mitigate a DLL hijack attack over the next few weeks. You should no longer use PA.c Installer 3.0.20 or any version of NSIS before 2.50 or 3.0b3 as it is vulnerable to a DLL hijack for end users that use Google Chrome and Microsoft Edge. Both browsers permit all websites to download infected DLLs with no user interaction. Chrome has had this vulnerability for 7 years. So, websites can download fake DLLs directly to the Downloads directory on Chrome user's PCs without their approval and then a vulnerable installer will use it while running. About 80% of Windows installers are vulnerable.
Sometimes, the impossible can become possible, if you're awesome!