jessy

ok, thanks for your reply

I know .msi got the silent parameter which, but that doesn't help me if I want to make a installer for it, which is only 1 single file

I often used this method to create my own installers for my workplace, using a vbs file to launch the software with a silent switch

veremo, i'm simply reporting a false positive. there's no suspecious of what i posted, and it's clearly a false detection, but being able to use the sfx commands.

try reinstall windows, and then install nod32 7

this false positive is not solved after the last update

It's solved now, and it's not detected anymore

If I want to simulate the drag an drop option, that's the way to do it, and I don't see why in gods name that should be detected

Just a stupid example to show you, it's detected: CreateObject("WScript.Shell").Exec "test1.jpg test2.png" detection name: VBS/Starter/NAQ trojan

it's not, try change it to like this: "test1.exe test2.exe" or other extension names too, it's still detecting it, no matter what

simply create a new file, with the content of : CreateObject("WScript.Shell").Exec "sqlexplorer.exe command.exe" you can change the names, or the extensions, it's still detected.

it doesn't matter what the content in the vbs script is, it's detecting it no matter, what content it is for some reason

I think they are going to far, not thinking about what problems it can cause, when they widespread, and just makes a lot of false detections. I'm considering changing to avast.

When I create a winrar sfx, it's being detected by nod32. Looks like no matter, if i Use %appdata%, or %userprofile%, or %temp%, or whatever, it's being detected. with %temp% it's being detected as: RAR/Agent.L trojan and with %appdata%: RAR/Agent.O trojan the settings are: ;The comment below contains SFX script commands Path=%appdata%\settings Setup=apply.vbs Silent=1 Overwrite=2

looks like eset nod32 is making a lot of mistakes at the moment.

I though it maybe was that, (even it was, it would still be a false positive) but it wasn't tried to rename both the filenames, and the extensions, didn't solve the problem. I know I could just use a cmd file, but I think it's very wrong that eset is detecting legit files.

Today, when I was starting my vbs file, to run a sql server, it got deleted by nod32. It's a very simple script, and I think you might have detected it by mistake?. the content of the vbs file: CreateObject("WScript.Shell").Exec "sqlexplorer.exe command.exe"