Open pratamajohan opened 1 year ago
I assure you this is a false positive. LogAlert is 100% open source, and the EXE was packaged by the widely used and trusted pkg system made by Vercel. It is most definitely not a virus.
I suspect another virus exists in the world that also used pkg, which then got indexed by the scanner. pkg wraps Node.js code in a EXE that contains the entire Node.js binary runtime. This ends up being a large (50MB) EXE file that is 99% Node.js binary bits, and 1% actual code. I suspect that the virus indexer flagged the binary parts, and now it falsely detected LogAlert, which shares 99% of the virus code (because it's all boilerplate Node.js runtime).
I don't know if there is anything I can do here, except maybe recompile LogAlert with a newer version of pkg and Node.js? I have no real knowledge of how Windows virus scanning works.
Released LogAlert v1.0.4 with everything rebuilt on Node.js v18 (LTS), and latest pkg (v5.8.1).
Maybe this will make your virus scanner happy? I honestly don't know 🤷🏻♂️
Looks like this kind of thing happens a lot. See pkg issue #1715 and pkg issue #1540.
Maybe we can try to report the LogAlert EXE as a false positive to the virus scanner software companies? See here:
https://www.starmessagesoftware.com/blog/report-submit-false-positive-antivirus-software
What virus app are you using?
Looks like this kind of thing happens a lot. See pkg issue #1715 and pkg issue #1540.
Maybe we can try to report the LogAlert EXE as a false positive to the virus scanner software companies? See here:
https://www.starmessagesoftware.com/blog/report-submit-false-positive-antivirus-software
What virus app are you using?
hi thanks for the reply my antivirus is avast. i already report to avast as false positive detection
scanned with avast then detected as virus Win64:PWSX-gen trojan