Indigo Rose Software

Professional Software Development Tools

 
+ Reply to Thread
Results 1 to 12 of 12
  1. #1
    Join Date
    Mar 2012
    Posts
    12

    Thumbs down Setup Factory 9 has malware and trojans ? can't believe it.

    As the title said. I have built several exe files just for test, even I built an blank exe with nothing inside and tested it on virustotal.com and guess what ?
    It has 5 variants of malware and trojan horse.

    Can someone explain to me is that include in FALSE/POSITIVE or what ? and if that's the case than how came virustotal is not detecting those variants in EXE created by INNO SETUP and ADVANCED INSTALLER MAKER ?

    to all those who wants to give it a try can build setup with Setup Factory 9 trial version and can check themselves on virustotal.com to see results.

  2. #2
    Mick is offline No longer a forum member
    Join Date
    Feb 2012
    Posts
    173
    well just a guess, but since you never put anything in the exe then its a false positive, no doubt you are using something like avg free.

  3. #3
    Join Date
    Apr 2005
    Location
    Tabo„o da Serra
    Posts
    3,539
    No, of course Setup Factory doesn't contain malware or trojans, unless your computer is indeed infected.

    I just performed a test using an empty installer built with Setup Factory 9.0.4. You can see the report here. There is absolutely nothing wrong here - there will always be a few false positives. As long as these false positives are from obscure products like Antiy-AVL, ByteHero, DrWeb and VBA32, there is nothing to worry about.

    Ulrich
    Last edited by Ulrich; 04-10-2012 at 05:03 PM.

  4. #4
    Join Date
    Mar 2012
    Posts
    12
    Quote Originally Posted by Mick View Post
    well just a guess, but since you never put anything in the exe then its a false positive, no doubt you are using something like avg free.
    You sir are totally out of your mind . can't even bother reading my post above ? read again.

    Quote Originally Posted by Ulrich View Post
    No, of course Setup Factory doesn't contain malware or trojans, unless your computer is indeed infected.

    I just performed a test using an empty installer built with Setup Factory 9.0.4. You can see the report here. There is absolutely nothing wrong here - there will always be a few false positives. As long as these false positives are from obscure products like Antiy-AVL, ByteHero, DrWeb and VBA32, there is nothing to worry about.

    Ulrich
    Well, I checked your report and It has 4 variants.

    Code:
    Antiy-AVL 	Trojan/Win32.Genome.gen
    ByteHero 	Virus.Win32.Part.a
    DrWeb 	Trojan.DownLoader5.54414
    VBA32 	TrojanDownloader.Genome.cyci
    This is exactly what I'm talking about and no I don't have any virus in my developer pc nor its infected.
    and the thing is; I've created same installers with Setup Factory 8.0 and there is only 1 variants which is not malicious at all.

    So Its pretty much clear that SF9 needs to be check for its components to ensure that Its codes are not falsely detecting if someone checks their installer on virustotal. and why not ? How can company like Indigorose let it go away in SF9 when SF8 has no issues.

    Please check it. Its bothering me because I don't want to use SF8 considering it has less features as compared to SF9.

  5. #5
    Join Date
    Jan 2001
    Location
    Shelton,WA
    Posts
    3,123
    it is *NOT* 4 "variants" -- it's being reported by 4 anti virus vendors -- and all but one say it's not a virus, it's a "downloader" -- reporter the false positive to those av vendors. All but McAfee and Symantec are usually very responsive.

  6. #6
    Join Date
    Mar 2012
    Posts
    12
    Quote Originally Posted by jassing View Post
    it is *NOT* 4 "variants" -- it's being reported by 4 anti virus vendors -- and all but one say it's not a virus, it's a "downloader" -- reporter the false positive to those av vendors. All but McAfee and Symantec are usually very responsive.
    overall !
    How came an reputed company like Indigorose top notch application has malware/viruses and trojans associated with its inbuilt components ? Why
    however there are only 1 variants or we could say warning in previous version of the same product.

  7. #7
    Join Date
    Jan 2001
    Location
    Shelton,WA
    Posts
    3,123
    There is a term "False positives" -- some av vendors call anything they don't recognize "Suspect" -- so you write a program, it's caught "I don't know what this is; so it could be a virus" - you report it; they make an exception, you recompile and repeat.

    All you have t do is report the false positive -- not a big deal. this isn't the end of the world like you are making it out to be. it's a bump in the road... a small pothole; but certainly nothing to freak out about.

  8. #8
    Join Date
    Mar 2012
    Posts
    12
    Quote Originally Posted by jassing View Post
    There is a term "False positives" -- some av vendors call anything they don't recognize "Suspect" -- so you write a program, it's caught "I don't know what this is; so it could be a virus" - you report it; they make an exception, you recompile and repeat.

    All you have t do is report the false positive -- not a big deal. this isn't the end of the world like you are making it out to be. it's a bump in the road... a small pothole; but certainly nothing to freak out about.
    That's what exactly I'm trying to do by posting this thread here.
    Code:
    I WANT YOU TO REPORT THIS TO MATTER TO SF9 SOFTWARE TEAM/ADMINISTRATION SO THAT THEY MAY GET IN TOUCH WITH RESPECTIVE AV COMPANY WHICH DETECTED SF9 COMPONENTS AS HIGH RISK VARIANTS.
    and the opinion of yours about me being an IDIOT, who's keep posting about this issue is totally unprofessional Mr Jassing. I have no intentions of being a SF9 technical aspects leader at all.

  9. #9
    Join Date
    Jan 2001
    Location
    Shelton,WA
    Posts
    3,123
    Good luck with that.

  10. #10
    Join Date
    May 2006
    Posts
    5,556
    If you found a burglar in your house would you wait for your wife to get home so she could call the police or would you reach for your phone....... just go report it and stop wasting everyone's time!!!!

  11. #11
    Join Date
    Mar 2012
    Posts
    12
    Quote Originally Posted by RizlaUK View Post
    If you found a burglar in your house would you wait for your wife to get home so she could call the police or would you reach for your phone....... just go report it and stop wasting everyone's time!!!!
    Either you're being ignorant or you yourself has never build any enterprise level product with Setup factory.

    Do you realize you statement you posted above ? Its implying that Indigorose won't do anything about it and I should just avoid it. huh

    what a worst support !

  12. #12
    Join Date
    Jan 2001
    Location
    Shelton,WA
    Posts
    3,123
    The installs I build; if detected as a false positive; I contact the a/v vendor -- I don't ask other users (you do realize this is a USER TO USER forum?) to do it for me.
    If you refuse to take care of your problem; try opening a ticket with Indigo Rose -- I seriously doubt any other forum user will report your false positive for you.

    Good luck -- I'm unsub'ing from this thread as it's clear to me the direction it's heading....

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts