My virus software is flagging the nxi.exe as a suspicious file, containing a CRYP_MEW-11 Trojan. Has anybody else ran into this, is this file safe? Personally I’m kind of hesitant to run an exe from the comp on this computer, and my virus software blocked The Missing Piece from touching the internet after installing.
Any help would be appreciated, even from the authors.
AVG Free Edition doesn’t give a warning. And it didn’t trigger Corporate Norton Antivirus on my work PC (although I haven’t actually tried to run it yet).
Sweet, thanks for getting back to me, I feel a lot better about the file. This is the computer that I program IF on, so I really don’t run anything on it, and I was a little worried. I’ll be trying it out tomorrow.
Maybe, maybe not. I’m using Trend Micro’s PC-cillin on this machine, and it could just be seeing an exe wrapped in MEW and flagging it suspicious because it doesn’t know any better. When I scan it with NOD32 on my Vista box nothing comes up, but like I said, this is my dev box and I’m a little sensitive about it. Just knowing that you did use a MEW wrapper makes me feel better, because it explains why it was flagged on this machine.
I have Vista with Norton Protection Center and Norton Internet Security installed on my machine. I have just scanned all my harddrives and the nxi.exe. Nothing found.
This is strange. Why would an antivirus program such as PC-cillin flag a compressed executable as a trojan virus?
It also says:
Aliases: Generic.dx (McAfee), Trojan.Dropper (Symantec), Troj/Patch-F (Sophos),
In the wild: Yes
Overall risk rating: Low
Description:
This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as malware packed by MEW.
I know this is not what you want to hear, but maybe it is spyware. I can’t submit it for review, so I really don’t know, but if it is malware, maybe you can contact Stephen Granade and submit a new version using UPX.
Oh, I see. You have activated heuristic detection in your antivirus program. This is not recommended really. You should have turned it off, because it tends to give lots of false warnings on files, even on normal Windows system files.
Well, the software installs with heuristic detection turned on, I’ve never had any problems with it, so I’ve never had to turn it off.
So maybe we’re back to:
Which is what I was thinking in the first place when you said that you used a MEW wrapper, but when you said that the authors site was suspicious I was a little worried.
I’m thinking that there’s probably nothing wrong with the file, sorry for all the confusion - D
Nothing picks up ALL trojans and spyware. If something did, then their would never be a need for updates/upgrades. It is a game in itself, hackers/coders trying to outdo each other…
My advice, have two sweepers running on consecutive days, one reliable paid device, one free device. Believe it or not, the free ones are often able to detect new stuff first, but not remove it, in my experience. Then the updates for the paid goods removes it a few days/weeks later from the quarantine.