Closed andreescocard closed 1 year ago
Same here on Windows 10. Cant build anything with nw-builder without Windows Defender automatically deleting the executable.
This is a false positive in Windows Defender.
Yes, but that should not be a thing at all. I can't create apps built on nw.js if the user has to explicitly allow it to run, or in my case, download it again because Windows Defender automatically deletes the executable.
How to control, what malware/antivirus programs want to do?
I think some malware writers use things like nwjs, python, pyinstaller, node, and other open source software. In turn sometimes the signatures for those end up in the vendors database and legit software ends up getting flagged.
But also see comments in #7725 #6507 #5457 #4023 #3946 #7418
I ran into this today. Windows Defender removed my entry point html file.
Looks like u ar' tryin' to put zipped sources into nw.exe. and then run nw.exe It's really 'fine' malware tactic - put self-data to normal .exe, so WD triggered(( Btw i have same issue)))) In dat case i 'solved' this just using Enigma Virtual Box from nwjs docs
Really? Just randomly close it?
Damn, this is getting more and more hilarious.
What is a better solution @ElPrudi ? I don't like things getting flagged either, but again, how do you control what those vendors do?
I am just curious to understand why using electron the executable don't get flagged the same way. Anyway i gave up using nw.js, to everyone that will use the software have to add it on whitelist is inviable for me.
@andreescocard It does happen to electron also, but maybe there are more people to submit builds to the malware detector vendors:
https://github.com/electron/electron/issues/4485
Electron also I think signs their builds. Anyway good luck!
This issue happens with both Windows Defender and Kaspersky, which both identify nw.exe
as the culprit :
Trojan:Win32/Doplik
- This program is dangerous and executes commands from an attacker.
Current/Missing Behavior
After download finishes Windows Defender pops a message showing threats were found. Virus total flags as virus too: https://www.virustotal.com/gui/file/4906524473eb3f7b530d4993906f4418141aba025dced23a4f541ddd110769ec
Expected/Proposed Behavior
Windows Defender not flagging executable as trojan.
Additional Info