NSIS False Positive Evo-gen Susp

Hi
The Evo-gen Susp complaints return after a year or so…

Three simple samples are attached that do nothing other than load an installer window (the installer pages are changed, the detection seems to be a function of the pages used)

Example scan:
https://www.virustotal.com/en/file/42aebee83d75f5350d1bf2be0c1eeef44a1f17285595190b6d876d9a8fc845bd/analysis/1460728846/

The compiled script is an example script contained in NSIS distributions (Basic.nsi) which can be downloaded at http://nsis.sourceforge.net

I submitted the samples via your online form, but nothing has changed after 3 days

https://www.sendspace.com/file/spzd9r

No password to archive

Goodday

Submitted malware samples to avast will take up to 5-7 working days. They have to analyze the samples and release updated VPS definition update.

Alright. Posting on the forum seems to expedite the process

Very annoying to keep handling complaints of Evo-gen detections

The previous samples I have submitted have been fixed

Here are three more with a different compression method which are triggering Evo-gen

https://www.sendspace.com/file/5c6w44

No password

Hi,

the false positive is now fixed.