Windows 10 report virus Trojan:Win32/Bulta!rfn of Uninstall xxx.exe

[tangjfn]

• Version: 22.4.1

4.2.5

• Target: win32 x64 nsis-web

Windows 10 1909 18363.720

electron-builder execute fail, because windows has deleted the uninstall.exe

22.3.6 is OK

[baryon]

I have same issue. Trojan:Win32/Bulta!rfn

[Kyusung4698]

Same Issue. My NSIS installer got blocked.

[Kyusung4698]

Hi, I've submitted a flagged version of my installer as false positive to Microsoft. I'll keep you updated.

[Kyusung4698]

Update: Microsoft has removed/ approved the false detection. Please see following submission:
https://www.microsoft.com/en-us/wdsi/submission/69113a4a-0fc7-423d-80ad-f6ed0cf128ad

They'll roll out a new definition file of the Windows Defender soon which will prevent this false flagging.

[adriencohen]

I have submitted my own uninstaller too, they approved the false detection and it worked. However after rebuilding a new version of my app the uninstaller was detected again. Looks like we are going to need to pinpoint the commit which added this

Edit: It comes from version 22.4.0

[lutzroeder]

@develar could the update to nsis 3.0.4.2 in 4e454f8 have caused this?

4e454f8b4 packages/app-builder-lib/src/targets/nsis/nsisUtil.ts      (develar             2020-03-03 13:48:34 +0100  22)   return getBinFromUrl("nsis", "3.0.4.2", "o+YZsXHp8LNihhuk7JsCDhdIgx0MKKK+1b3sGD+4zX5djZULe4/4QMcAsfQ+0r+a8FnwBt7BVBHkIkJHjKQ0sg==")

[edward-buskus]

I have same issue. Is there any solution for this problem?

[develar]

NSIS updated to 3.0.5, maybe Windows Defender will be more happy with this version. electron-builder will be released soon.

[edward-buskus]

deleteAppDataOnUninstall: false helped me at the moment.

[develar]

Please try 22.5.0

[awlx]

22.5.0 doesn't produce a build anymore:
https://ci.appveyor.com/project/awlx/jitsi-meet-electron/builds/31874856

[develar]

I don't have time today to investigate what's wrong with building on Windows using a new version of NSIS.

So, reverted to 3.0.4.1 as a quick solution.

[indutny-signal]

It has been a year since initial report. Should NSIS version be reverted back to 3.0.5.0 now?

[indutny-signal]

Friendly ping. The new NSIS build shouldn't trigger the antivirus anymore, so I think we could try bumping it up again.

[JCMais]

This seems to be happening again on the latest version.

[indutny-signal]

I don't believe nsis version was changed since September: https://github.com/electron-userland/electron-builder/commits/master

[vnicolici]

I have a similar problem with an install.exe file coming from an Electron app: https://i.imgur.com/Cxj1weh.png

[dclipca]

https://i.scdn.co/image/ab67616d0000b273950359444321d635b59838b3

[dclipca]

Updating to electron-builder 22.14.10 fixes the issue because it has NSIS 3.0.4.1.

[BarryCarlyon]

This one is rearing it's head again in the last couple of hours when trying to build.

On the uninstaller no less....

using 22.14.5 (NPM latest) on windows.

[ErikMach]

@BarryCarlyon I had the same problem with version 22.14.5.
But I just used 22.14.12 and it worked fine.

[BarryCarlyon]

@ErikMach since 22.14.12 isn't on NPMJS I tried to intall it via github and got a weird "this is not a mac" error on my windows machine. So I'll need to dig about with that further.

[ErikMach]

I installed it via npm with the command npm install --save-dev electron-builder@22.14.12

[BarryCarlyon]

I'll give it a poke :-D

[koyuawsmbrtn]

Still an issue with the latest release of electron-builder. Issue can be reopened.

[egeres]

Same issue happening here!

[augustnmonteiro]

Same here as well

[augustnmonteiro]

When we send and update to the users, it gets uninstalled but it doesn't get installed again.

Going to force use of 22.14.12 as for now

[augustnmonteiro]

@develar can we reopen this one?

[joehinkle11]

I have the same issue on on 23.3.3. I just started investigating it.