View Issue Details

IDProjectCategoryView StatusLast Update
0000153NoteFly[All Projects] bugpublic2016-07-24 00:42
ReporterD9ping Assigned ToD9ping  
PriorityhighSeverityminorReproducibilityN/A
Status resolvedResolutionno change required 
Summary0000153: NoteFly setup reported as Suspicious.Emit. (false positive)
DescriptionNoteFly is reported as Suspicious.Emit by Symantec Anti-virus. This is a false positive.
Additional InformationNSIS installer is causing a lot of false postives. For more information see http://nsis.sourceforge.net/NSIS_False_Positives
TagsNo tags attached.

Relationships

parent of 0000188 assignedD9ping Codesign NoteFly setup and main executable. 
related to 0000162 closedD9ping Changed setup compression algorithm from lzma to zlib. 
Not all the children of this issue are yet resolved or closed.

Activities

D9ping

2012-03-18 19:32

administrator   ~0000119

Reported NoteFly 3.0.0 for whitelisting.

D9ping

2012-03-28 17:40

administrator   ~0000124

Last edited: 2012-05-04 16:14

View 7 revisions

Also reported NoteFly 3.0.1 for whitelisting.

To address NoteFly being again reported as false positive virus in the future,
i'm going to stop using LZMA compression on the NSIS installer.

D9ping

2012-04-13 17:25

administrator   ~0000127

Last edited: 2012-06-02 13:41

View 6 revisions

NoteFly 3.0.0 and NoteFly 3.0.1 are added to whitelist.

D9ping

2012-08-28 00:08

administrator   ~0000141

Last edited: 2012-08-28 00:12

View 5 revisions

Bug report reopened, Setup version 3.0.3 again reported as Suspicious.Emit by Symantec and HeurEngine.ZeroDayThreat by PCtools.
Applied for white listing.

D9ping

2012-09-16 14:42

administrator   ~0000142

NoteFly 3.0.3 setup added to whitelist.

D9ping

2013-05-12 16:39

administrator   ~0000150

Last edited: 2016-05-17 23:52

View 7 revisions

NoteFly 3.0.4 causing false positives. Reference https://www.virustotal.com/en/file/26747d48b7080a0bdacc42668b4ef5e9ae1dd2181f979fcf5336f6c1800c2906/analysis/1368369327/
AV:                     False positive:
PCTools                 HeurEngine.ZeroDayThreat
Symantec 	        Suspicious.Emit
TrendMicro-HouseCall 	TROJ_GEN.F47V0515
VBA32 	                suspected of Crafted.Win32File.OLS
Emsisoft 	        Trojan.Generic.10008038 (B) 
McAfee-GW-Edition 	BehavesLike.Win32.Tool.dc

D9ping

2013-05-16 17:09

administrator   ~0000152

Last edited: 2015-05-08 17:39

View 5 revisions

NoteFly 3.0.5 causing false positives. Reference https://www.virustotal.com/nl/file/2bc5402c1ee3c38a64a1116247d267df170e4527f89865a0bef4153e89a7f740/analysis/
AV:                     False positive:
PCTools                 HeurEngine.ZeroDayThreat
Symantec                Suspicious.Emit
TrendMicro-HouseCall    TROJ_GEN.F47V0515
VBA32                   suspected of Crafted.Win32File.OLS

D9ping

2013-06-27 23:18

administrator   ~0000164

I'm going to try to get a code signing certificate so false positives are less likely. Code signing progress is being tracked in issue #0000188.

D9ping

2013-07-11 11:19

administrator   ~0000171

Last edited: 2015-05-08 17:40

View 9 revisions

NoteFly 3.0.7 causing false positives. Reference https://www.virustotal.com/en/file/62cb5efaf646445ba5103686f4aff3f83d8af0a585f2193d17e259e85ffce60b/analysis/
AV:                     False positive:
PCTools 	        HeurEngine.ZeroDayThreat
Symantec 	        Suspicious.Emit
TrendMicro-HouseCall 	TROJ_GEN.R047H01G913

D9ping

2014-01-19 14:47

administrator   ~0000175

Last edited: 2016-05-17 23:46

View 5 revisions

McAfee Scan PlusĀ® that comes bundled with Adobe Flash Player reports notefly.org as malicious website because of Suspicious.Emit false positive detection on the NoteFly NSIS setup. I hope McAfee will remove this false positive as it's hurting notefly.org domain reputation. resolved.