Avast! keep flagging my installer as suspicious. (Win32:Evo-gen [Susp])
An actual scan of the installer gives a green light, no threat found but if I try to move it or download it Avast! will flag it again and remove it. This is a problem that I need fixed as soon as possible so the question is, is there anything I can do about it like a specific NSIS version or something? I am pretty sure NSIS is what is being flagged since it only flags the installer.
I have already submitted it as a false positive but it was about a week ago now. I understand that checking all submitted files take a lot of time so I was hoping I could do something myself in the meantime.
Updated: I think I managed to compile an installer that does not get flagged. The “solution” was to download an older version NSIS (2.46 in my case) and use that instead.
I’m using version 2.46 of NSIS installer for many years to build various setups without any problems.
I have never heared about problems with any AV software.
But now a customer told us that AVAST is flagging a setup as maleware (Win32:Eco-gen[Susp]).
All setups are using the same common NSIS code and will be build with the same NSIS compression settings.
But only one setup will be flagged!
After reading this thread I changed the compressor settings for the affected setup from lzma to zlib an everything works fine again.
No more flagging by AVAST!
BTW:
The latest vps update has no effect for my problem!
Older versions (build with 2.46 and lzma) of the affected setup will not be flagged!
Changing to the latest NSIS installer is planed for the next days.
But now we urgently need to find a solution for the existing setup!
So, how can we send a large setup file to you?
Email is not possible because of length limitation for the attachments.