Robin,
I'm going to try to respond nicely to your ignorance of a product that you
are *clearly* not familiar with. I'm also going to spell it out nice and
clearly for anyone else who doesn't know what NSIS is or what it does.
NSIS is the Nullsoft Scriptable Install System (long ago known colloquially
as the "llama installer"). It's the installer that was written by the guys
that brought the world such nifty software as WinAMP, long before there were
any other decent media players out there. One thing that was really nice
about it was that they decided that the world would be a better place if
InstallShield didn't have a monopoly on the Installer market, so they made
it free and open source.
This software has been around for a very long time, and it is certainly not
spyware. It has the pretty much the same functionality as InstallShield,
and if you consider NSIS to be spyware, then by the same logic
InstallShield, and even Microsoft's Windows Installer must also be spyware.
The biggest problem here is that being free and open source, a number of
cash-strapped Spyware developers choose to use the freely available NSIS
platform to install their products. They could just as easily use one of
the others, but that would cost them money. So because some of the NSIS
installer plugins get bundled with the setup program of spyware, every now
and again, the anti-spyware vendors forget about what they spent hours doing
just a few weeks before, and they declare the dll to be part of the
spyware's code, which it isn't - it is merely part of the installer's code.
Please feel free to visit the web site at
http://nsis.sourceforge.net -
please also feel free to read through each and every line of code there and
then proclaim to the rest of the readers of this group exactly which line of
code you find to be "suspect". Just because you can't find a file called
"dialer.dll" on your machine does *not* count.
As for the full path to the files, on *my* machine, and those of thousands
of developers out there that actually use NSIS to create installers, the
files are in C:\Program Files\NSIS\Plugins, right where they should be...
On anyone else's machine, they could be in any of a number of places,
including one's temp folder, for example, if you installed a piece of
software that happened to make use of one of the affected plugins in order
to install the software you were installing.
For completeness, the reason I didn't go into a lot of detail was because I
saved that detail for the official false positive submission for the
technical people that know what they are talking about (Bill and André - you
guys are saints to put up with this sort of thing in the newsgroups every
single day). Also, if you *bothered* to search the newsgroups for NSIS and
false positive, you will see the previously targeted dll's were math.dll and
nsisdl.dll (actually, nsisdl.dll got picked on two separate occasions, and
has also been picked on a few times by anti-virus vendors, all of whom have
noted the false positives and made the appropriate changes to their
signatures, never questioning them for being suspect, just because they
didn't have a copy of that file on *their* machine - that's why the false
positives reporting page has a space to fill in the download location so
that they can look into it further).
I hope that this clarifies things just a little bit.
Thank you all for taking the time to read this - I am sure you all have work
to do, as do I - I apologize for the lengthy diatribe.
P.S. Robin, next time, please take the time to actually read the subject
line before responding in haste regarding something you are not familiar
with. Better yet, if you have never heard of the product, please do us all
a favor and just skip to the next thread.
