XPero Posted July 2, 2006 Share Posted July 2, 2006 I've received several emails of XPize users telling me that Norton Antivirus 2006 found Trojan.Zlob in XPize. I downloaded the Norton AV demo and started to remove pieces of code to see what was causing that. After lot of testing I found the solution:NSIS allows installers to be compressed using different compression methods. The one I use with XPize is the LZMA. Changing this method to another one like BZIP2 fixes the virus warning It seems that the crappy Norton AV does not like LZMA compression I will release a fixed version soon.EDIT: Installer will weight 3MB more using BZIP2 compression!! I love you Symantec! EDIT 2: XPize version 4.4.2 released.EDIT 3: Reuploading version 4.4.2 compiled using NSIS 2.18 and LZMA compression. This time, Norton does not complain. Link to comment Share on other sites More sharing options...
nuhi Posted July 2, 2006 Share Posted July 2, 2006 I would rather contact Symantec or just put a note on the site.Similiar thing happened with nLite and Antivir...someone told them and they corrected. It was Winrar Selfextracting exe. Link to comment Share on other sites More sharing options...
Maleko Posted July 3, 2006 Share Posted July 3, 2006 I cant stand Norton anymore, used to love it, but with version 2006, i hated it! Link to comment Share on other sites More sharing options...
bledd Posted July 5, 2006 Share Posted July 5, 2006 omg, thats so lame (of norton)any chance of putting both builds up each time?, maybe put the non-norton friendly one in 'other downloads' or something Link to comment Share on other sites More sharing options...
Francesco Posted July 5, 2006 Share Posted July 5, 2006 Why don't you compress the installer with 7zip (like the firefox one) maybe norton can't manage to extract it so it won't detect any false positive. Link to comment Share on other sites More sharing options...
XPero Posted July 5, 2006 Author Share Posted July 5, 2006 @bledd:I will think a solution for next version. AV software is killing my patience...@Francesco:Norton will delete the .exe automatically, not even a pre-deletion warning. Link to comment Share on other sites More sharing options...
T D Posted July 5, 2006 Share Posted July 5, 2006 (edited) I scrapped Norton IS 2006. V high memory and cpu usage, especially from CCAPP.EXE and VERY SLOW internet connection.And their definition updates are like 5mb every three minutes. Byebye norton, hello Kaspersky!@XPero Why not try something like ZOO or ARJ, something w/high ratios that Symantec haven't heard of yet? Edited July 5, 2006 by T D Link to comment Share on other sites More sharing options...
Francesco Posted July 5, 2006 Share Posted July 5, 2006 Norton AV has the worst detection ever: It sucks so much that even a 1 byte change in an executable can avoid norton detection. Kasperksy instead doesn't rely on stupid string matches like norton does in fact it has the best detection ever (99.97%). Also kaspersky uses rootkit technology to prevent viruses/worms from disabling the scan making it the best AV ever. Kaspersky also doesn't rescan the files its checksum hasn't changed (checksums are stored in alternate NTFS streams) making Kaspersky the fastest AV ever. Link to comment Share on other sites More sharing options...
T D Posted July 6, 2006 Share Posted July 6, 2006 And the Worm Detection in Norton detects everything as a "worm". Link to comment Share on other sites More sharing options...
XPero Posted July 6, 2006 Author Share Posted July 6, 2006 It seems that latest NSIS (2.18) fixes the problem. I will keep you updated. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now