SUMMARY
Foundry is aware that ClamAV, in versions up to 1.0.1, flags the Windows installer for the Nuke 14 series as containing the RagnarLocker ransomware.
MORE INFORMATION
An investigation was made into this finding, with our installer being placed under the scrutiny of multiple alternative signature based and also next-gen antivirus tools - all of which found no trace of this ransomware.
Our Engineering teams have compared the signatures and detection logic utilised by ClamAV against our Nuke 14 Windows binaries and discovered where the false positive is being triggered. We have submitted a false positive report to the ClamAV team and expect this finding to be remediated in future ClamAV releases.
We would invite any customers who have observed this result from ClamAV to also scan using other tools - such as Windows Defender, MalwareBytes or Hitman Pro - to self certify this finding as a false positive.
We take customer security very seriously.
If you have any questions or concerns, please contact us by opening a Support request following the guidance in this article: Q100064: How to raise a support ticket
We're sorry to hear that
Please tell us why