Rainmeter Flagged as Virus in Pc Scan

[t-rextasaus]

Hello I am new to the community and Rainmeter.

I discovered it from a tutorial and downloaded it from the official site (rainmeter.net)

I set it up + it works perfectly. However, when my antivirus application scanned my computer [PC MATIC], it flagged Rainmeter as a virus/malware.

Many people have used it supposedly without problems, but I became scared and un-installed it.

Now, I'm confused about what to do.

How do I fix the issue so it will stop getting flagged? Alternatively: How do I make it seem more secure to my antivirus software?
Am I doing something wrong here, or is it PC Matic?

[balala]

I set it up + it works perfectly. However, when my antivirus application scanned my computer [PC MATIC], it flagged Rainmeter as a virus/malware.

No, according to the attached screenshot, not Rainmeter is indicated as being infected, but the nircmd.exe addon, which is used by many skins. You have this addon in one of your skins (it's seeable in the screenshot in which one). This file is safe for sure, the alarm is a false positive. I have used this file as well and my antivirus caught it many times, until I finally added it as an exception into my antivirus. Never had problems with it. But lately, this once wide used addon, seems to became less and less used, probably exactly for this problem. Even if added it to the exceptions (as described above) I finally renounced to it, because even if I trust it, when I create and publish a skin and it is indicated as being infected, peoples don't want to download or use it and I understand them.
Long story short, you can reinstall Rainmeter with no fear, at most don't install the skin containing this addon.
Wish you many satisfactions in using Rainmeter, which is a great tool, in which you can trust.

[Yincognito]

I am reasonably knowledgeable when it comes to security products and it's the first time I hear about PC Matic. So I'm gonna be blunt about it: use a REAL security product ASAP. Not because of flagging Rainmeter (or deep level tools like NirCmd for that matter) but for your system security's sake.

As for the flagging, feel free to upload Rainmeter to a comprehensive online scanner like VirusTotal or a site like Any.Run and see for yourself by verifying if the flagging has been justified. Usually, results from top AVs like ESET NOD32, Kaspersky and a few others (the best are almost never the most marketed ones or the ones making appearances in various paid articles, by the way) are key to watch in such a case, because otherwise, many mediocre AVs will issue false positives on occasion.

This, of course, assumes that your Rainmeter wasn't somehow infected by another virus from your system.

As for how to stop proven false positives from being issued, it's easy: just add the file proven to be clean to the product's Exception List. Even a software like PC Matic should have such an option.

[SilverAzide]

This has nothing to do with Rainmeter. As blalala pointed out, you installed two skins (ModularClocks and ModularPlayer) from some other source that are using NirCmd executables. Poor-quality virus scanners often falsely flag this software as a virus or malware. I would suggest you upgrade your AV software to something better; Microsoft's free built-in Windows Defender is better than the one you are using.

[t-rextasaus]

Poor-quality virus scanners often falsely flag this software as a virus or malware. I would suggest you upgrade your AV software to something better; Microsoft's free built-in Windows Defender is better than the one you are using.

Usually, results from top AVs like ESET NOD32, Kaspersky and a few others (...) are key to watch in such a case, because otherwise, many mediocre AVs will issue false positives on occasion.

Poor-quality virus scanners often falsely flag this software as a virus or malware. I would suggest you upgrade...

Thank you all so much.

The main motivation behind selecting PC Matic came a few years ago, as a suggestion from a friend (and the lifetime package appeared affordable for my needs https://www.pcmatic.com/consumer/) also wanted something better than the slowness of the package I had before.

I never heard of ESET NOD32 / Kaspersky before until today. More Antivirus applications deserve more attention, I think.

Will spend time searching for another application, regardless. I plan to add it as an exception soon in the meantime.

Thank you three again : )

[Yincognito]

The main motivation behind selecting PC Matic came a few years ago, as a suggestion from a friend (and the lifetime package appeared affordable for my needs https://www.pcmatic.com/consumer/) also wanted something better than the slowness of the package I had before.

I never heard of ESET NOD32 / Kaspersky before until today. More Antivirus applications deserve more attention, I think.

Will spend time searching for another application, regardless. I plan to add it as an exception soon in the meantime.

Well, like I said, VirusTotal's results tell you everything there is to know about those alerts (these screenshots are for just downloaded versions of both x86 and x64 NirCmd.exe, respectively, so they might not correspond to the version on your computer that you were alerted on; notice the absence of PC Matic from the security products from their database, and also note the identification given to the executables when detected, as well as which software detected them):

NirCmd.exe x86 (2023-07-31-01_08_33).jpg

NirCmd.exe x64 (2023-07-31-01_09_44).jpg

If you never heard of ESET or Kaspersky, then you're most likely quite new to the security field. Sure, nowadays the differences in this field are minor between serious providers in both detection and performance, with only the newcomers or the mediocre lagging behind, but there was one point when these two were the standard in detection (before others leveled the field, that is). Anyway, a decent site where such software are independently tested (or at least so they say) is AV-Comparatives, where you can see specific reports on various things and products that were tested. Another one is AV-Test, albeit its inclusion of PC Matic and others with a near perfect score, the lack of details on the testing procedures, and the big red heading with the pompous "best" right on their homepage doesn't inspire much credibility IMHO.

Bottom line, today there are providers that make decent security software, some of them even being free (at the cost of user data collecting and selling, obviously, like it's customary in this day and age for almost every software company). Normally, if you want to cover most angles in this case, you'd have an antivirus, a firewall, and a "no script" browser extension along with some common sense internet navigation habits and you should be fine, even if you're paranoid about it. You can get free offers of all these things, but of course, you'll have to select those that match your performance considerations as well, like you said. The time you'll spend on choosing the most efficient and fast product for you would be well spent, because this choice is not something you'll make every day - generally, you'll choose now and relax for a couple of years (set it and forget it) before things change significantly in this area.

[t-rextasaus]

Well, like I said

Yes, I understand. Your previous explanation was helpful. Thanks for the detailed explanation.

[Yincognito]

Yes, I understand. Your previous explanation was helpful. Thanks for the detailed explanation.

No problem.