Re: npcap-1.55.exe flaged as malicious

[Gordon Fyodor Lyon <fyodor () nmap org>]

Hi Onno.  Good question. Npcap Version 1.55 is absolutely not malicious or
infected by anything, but unfortunately there are a many garbage antivirus
engines out there which flood VirusTotal with false positives like this.
The latest VirusTotal report on Npcap 1.55
<https://www.virustotal.com/gui/file/0bcc56aef29b24985d7f658cd34013b08cb53ad5bf6b6ac2a982a5f6d4d95800>
shows
that only 2 of their 66 AV engines flag any issues.

If there are any users of "SecureAge APEX" or "VBA32", it would be great if
you could report this false positive to them.  It can also help if anyone
with a free VT account here hits the green (safe) checkmark next to
"Community Score".  That helps assure people that the A/V flagging is bogus.

Meanwhile, we will soon release Npcap Version 1.60 and maybe that will be
different enough that these AV programs don't wrongly flag it.

Cheers,
Fyodor


On Wed, Nov 24, 2021 at 1:07 PM Rommen, Onno via dev <dev () nmap org> wrote:

> Hi guys,
>
>
>
> VirusTotal flags npcap-1.55.exe, as available on your site, as malicious.
> Are you aware of that and what is your reaction on that please?
>
>
>
> Hope to hear from you soon.
>
>
>
> Sincerely,
>
>
>
> *Onno Rommen, Lloyd’s Register*
>
> *(Working days Monday, Tuesday, Wednesday & Thursday)*
>
>
>
> Senior Lead Auditor Information Security, LRQA
>
> T +31 (0)10 2500 505  M +31 (0)6 1746 1166 E onno.rommen () lr org
>
> Lloyd’s Register Nederland B.V. K.P. van der Mandelelaan 41a 3062 MB
> Rotterdam
>
> Visit www.lr.org
> <http://lloydsregister.newsweaver.com/directorcomms/bvxv4lgtikq1854eejw55e?email=true&a=6&p=964588&t=1866706>
> or follow us on: LinkedIn
> <http://lloydsregister.newsweaver.com/directorcomms/1ocskot0kux1854eejw55e?email=true&a=6&p=964588&t=1866706>
> Facebook
> <http://lloydsregister.newsweaver.com/directorcomms/9sc2b7zemfr1854eejw55e?email=true&a=6&p=964588&t=1866706>
> Twitter
> <http://lloydsregister.newsweaver.com/directorcomms/5dq2kvi2zeo1854eejw55e?email=true&a=6&p=964588&t=1866706>
>
>
>
> *Please consider the environment before you print this email*
>
>
>
> Lloyd’s Register and variants of it are trading names of Lloyd’s Register
> Group Limited, its subsidiaries and affiliates.
> Lloyd’s Register Group Services Limited is a limited company registered in
> England and Wales, registered number 6193893.
> Registered office: 71 Fenchurch Street, London, EC3M 4BS, UK. A member of
> the Lloyd’s Register group.
>
>
>
> Lloyd’s Register Group Limited, its affiliates and subsidiaries and their
> respective officers, employees or agents are individually and collectively,
> referred to in this clause as ‘Lloyd’s Register’. Lloyd’s Register assumes
> no responsibility and shall not be liable to any person for any loss,
> damage or expense caused by reliance on the information or advice in this
> document or howsoever provided, unless that person has signed a contract
> with the relevant Lloyd’s Register entity for the provision of this
> information or advice and in that case any responsibility or liability is
> exclusively on the terms and conditions set out in that contract.
>
>
>
> *[image: Remote Assurance-NL]*
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Finfo.lr.org%2Fremote-assurance-e-nl&data=02%7C01%7COnno.Rommen%40lr.org%7C4e3eb9cb11ec4c40342c08d7da14f170%7C4a3454a08cf44a9cb1c06ce4d1495f82%7C0%7C0%7C637217655796373385&sdata=vhUEpdusl6UzW1UMFXox2Zm4gjjeJko9tsafX%2FytZog%3D&reserved=0>
>
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/