Trojan in setup

[rrdirnens]

My Environment

• Windows 10

I'm using NVM4W version:

latest

I have already...

• read the README to be aware of npm gotchas & antivirus issues.
• reviewed the wiki to make sure my issue hasn't already been resolved.
• verified I'm using an account with administrative privileges.
• searched the issues (open and closed) to make sure this isn't a duplicate.
• made sure this isn't a question about how to use NVM for Windows, since gitter is used for questions and comments.

My issue is related to (check only those which apply):

Setup file

Expected Behavior

Not to have a trojan warning pop up

Actual Behavior

Trojan warning popping up:

This happens right after download, without even opening file.

[coreybutler]

These warnings are vendor-specific. NVM4W has passed all major tests, so I'm guessing the antivirus app in question is flagging the entire Go language. These are false positives, but it's ultimately up to the AV vendor to update their definitions.

Which Antivirus are you using? Did you download from the releases here on Github or somewhere else?

[rrdirnens]

Using 360 total security, downloaded nvm4w from github releases, latest version. So you think I should ignore the warning and restore the files regardless

[coreybutler]

NVM4W is safe, as long as you're downloading it from here. There have been over 1.5M downloads and nobody has ever mentioned anything destructive happening on their system. Furthermore, it appears QiHoo does have a fair number of false positives. See https://security.stackexchange.com/questions/153851/qihoo-360s-antivirus-false-positive-rate.

It also looks like the company hasn't been straightforward in its testing practices in the past. See QIHOO 360 CAUGHT CHEATING IN ANTIVIRUS TESTING. Your call, but with a track record like that, I'd be inclined to use a different antivirus.

Closing this issue since it's a vendor-specific false positive.