The VirusTotal false-positive problem seems to be resolved

Not too long ago we reported that VirusTotal was reporting that some of its antivirus (1 or 2) were erroneously identifying our software as malware, which was clearly a mistake and a false-positive.

Since then, we embarked in the endeavor to ditch nssm (a third party tool, not developed by Syncplify) which was identified as the root cause of the issue.

Today we are happy to report that our efforts seem to have paid off: new scans on VirusTotal show our software now 100% clean and virus-free.

Syncplify Server! v6.2.0 released 🔥

Importance of this update: HIGHEST
  • Removed dependency on nssm.exe to reduce the number of false-positives from certain antivirus and antimalware software: all components of the Windows version of our software now run as native Windows system service (all Linux versions were already native system services)

IMPORTANT NOTE: those who are running the “worker” system service under a different account (not System or LocalSystem) will need to re-configure the service to run under such account after upgrading from any version number <= 6.1.12)

Upgrading from v6.x.y is a simple and fairly automatic process: simply download the latest version from the official download page, and install it over the existing version, all of your settings and license will be kept.

If, instead, you’re upgrading from an older (v4/v5) version, you find the upgrade instructions in our knowledge base.

Thank you all for trusting our software with your secure file transfers!

False-positives on VirusTotal

One-liner: yes, those are false-positives, and our software is 100% safe and virus-free!

Some users have reported that when they scan our Syncplify Server! installer with multiple engines using VirusTotal, they occasionally receive one or two warning (out of 70+ antivirus engines that VirusTotal employs).

It was out duty to investigate.

First and foremost, let us confirm, for everyone’s peace of mind, that our software is absolutely virus-free and safe to use, so those are so-called “false positives”.

Why is it happening? We narrowed it down to the fact that in order to run our software as a Windows system service, we take advantage of a little piece of 3rd-party software called NSSM.

NSSM is a tiny piece of software that allows any console (stdin/stdout) application to be executed as a system service in Windows. This was not developed by Syncplify, but we adopted it because of the great flexibility and reliability it offers. Sadly, we learned that some antivirus engines flag this little executable as suspicious (it not flat-out as malware).

We are, therefore, hard at work to drop the need for NSSM, and turn the Windows version of our software into a set of native system services, thus bypassing the issue entirely.

As always, thank you for your trust and for your patience.