
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severityĪnd 1 is the lowest level of severity. The following fields listed on the Threat Meter containing a specific value, are explained in detail Remove a threat or pursue additional analytical research for all types of computer users. The Threat Meter is a useful tool in the endeavor of seeking a solution to The scoring forĮach specific malware threat can be easily compared to other emerging threats to draw a contrast in The overall ranking of each threat in the Threat Meter is a basicīreakdown of how all threats are ranked within our own extensive malware database. You a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Specific malware threats to value their severity, reach and volume. Our Threat Meter includes several criteria based off of I am happy to provide further information.The Threat Meter is a malware assessment that 's research team is able to This does need to be looked at carefully for NuGet users - perhaps by backing off on some of the optimisations AND switching to a more modern compiler for the NuGet releases will eliminate FP detections. I suspect the optimisations and packing into an XLL made the shim code look very much like the typical behaviour of a trojan/virus. This stopped the deletion during build and has not triggered customer scanners. Over the weekend I rebuilt ExcelDNA package myself in Release but with compile optimisation disabled. Today, all those appear to have had updates which remove the FP warning, but customer IT departments are scared because of the laws imposed on them by government for safe operation of IT systems carrying public data.

Using NuGet packages, ESET has also started reporting this before the weekend, but an update today stopped the FP report.Įven so, customers with older signature and heuristics databases are reporting problems.


It is possible to avoid FP detections through a few common steps when building releases. Also, do not expect vendors to fix the issue for you through updates.

Please do not fall into the trap of blaming "obscure" software - the problem is very much reported by main-stream and respected anti-virus vendors. I've given details below of the apparent cause of the FP for ExcelDNA and a work around, but I would like to mention something first.ĭetections are not just by "more obscure anti-virus vendors". TrendMicro-HouseCall | TROJ_FRS.0NA103H521 MicroWorld-eScan | Trojan.GenericKD.37347657 It is also known as (In other Anitivirus):ĮSET-NOD32 | a variant of MSIL/ The ExcelDna.xll file is being detected as a trojan "MSIL/" and is being automatically deleted.
