Skip to content
Christian Brabandt edited this page Sep 22, 2023 · 6 revisions

Welcome to the vim-win32-installer wiki!

FAQ

The installer contains a virus/trojaner/malware! What should I do?

We tend to get a lot of issues claiming that some anti-virus software flags the installer as being malicious/trojaner/virus/malware etc. This is a problem, that a lot of open-source projects share (e.g. git-for-windows), which use some free installer software. The Vim-Win32-installer uses the Nullsoft Installer, and they even have a dedicated webpage about false-positive reports.

There is not much we can do about it, since we don't know what is actually causing the security software to flag the software here. Quite frankly, mostly the security software tends to use rather aggressive heuristics which flags legitimate software and does not detect any real malware. In addition this tends to happen, because daily created binaries here haven't seen much distribution yet and therefore seem to be suspicious to security software. Since those reports are based on heuristics rather than actual threats, there is nothing we can do here to fix this. Instead, the security software should:

  • clearly indicate what the problem is, instead of scaring users
  • provide a way to upload files for further analysis and flagging false-positives

Also please note: We are providing almost daily builds of Vim which is open source software as a free service to users. Suspicious behavior should therefore be easily be verified from the source code.

This means, there is not really much we can do here about it, but have to live with it. Please do not report such false positives here, but please complain to your security vendor. In addition, you can verify the binaries using virustotal which allows you to upload and scan files by several different anti-virus vendors and shows the results.

For false reports from MS-Defender, please upload them to Microsoft for inspection.