My virus software is flagging the nxi.exe as a suspicious file, containing a CRYP_MEW-11 Trojan. Has anybody else run into this? Is this file safe? Personally I’m kind of hesitant to run an exe from the comp on this computer, and my virus software blocked The Missing Piece from touching the internet after installing.
Any help would be appreciated, even from the authors.
Sweet, thanks for getting back to me, I feel a lot better about the file. This is the computer that I program IF on, so I really don’t run anything on it, and I was a little worried. I’ll be trying it out tomorrow.
Maybe, maybe not. I’m using Trend Micro’s PC-cillin on this machine, and it could just be seeing an exe wrapped in MEW and flagging it suspicious because it doesn’t know any better. When I scan it with NOD32 on my Vista box nothing comes up, but like I said, this is my dev box and I’m a little sensitive about it. Just knowing that you did use a MEW wrapper makes me feel better, because it explains why it was flagged on this machine.
It also says:
Aliases: Generic.dx (McAfee), Trojan.Dropper (Symantec), Troj/Patch-F (Sophos),
In the wild: Yes
Overall risk rating: Low
This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as malware packed by MEW.
I know this is not what you want to hear, but maybe it is spyware. I can’t submit it for review, so I really don’t know, but if it is malware, maybe you can contact Stephen Granade and submit a new version using UPX.
Oh, I see. You have activated heuristic detection in your antivirus program. This is not recommended really. You should have turned it off, because it tends to give lots of false warnings on files, even on normal Windows system files.
Nothing picks up ALL trojans and spyware. If something did, then there would never be a need for updates/upgrades. It is a game in itself, hackers/coders trying to outdo each other…
My advice, have two sweepers running on consecutive days, one reliable paid device, one free device. Believe it or not, the free ones are often able to detect new stuff first, but not remove it, in my experience. Then the updates for the paid goods remove it a few days/weeks later from the quarantine.