View topic - Virus warnings on Autohotkey • AutoHotkey Community

View unanswered posts | View active topics

Board index » General » Offtopic

All times are UTC [ DST ]

Virus warnings on Autohotkey

Page 1 of 1

[ 7 posts ]

Print view | E-mail friend

Previous topic | Next topic

Author

Message

David Andersen

Post subject: Virus warnings on Autohotkey

Posted: July 26th, 2009, 9:26 am

Joined: July 15th, 2005, 3:19 pm
Posts: 140
Location: Denmark

Hi,

Have a look at the following page analysing a tiny Autohotkey program:
http://www.virustotal.com/analisis/9dd9 ... 1248596972

As you can see it is identified as a virus by multiple anti-virus program.

Any ideas how to fix this?

Top

Tuncay

Post subject:

Posted: July 26th, 2009, 10:09 am

Joined: November 7th, 2006, 9:47 pm
Posts: 1934
Location: Germany

Nothing new. With AutoHotkey it is so easy to make keyloggers. Thats the reason why some anti virus applications treat Ahk as a malicious software. In general, if you use Ahk, you can ignore that.

Top

n-l-i-d

Post subject:

Posted: July 26th, 2009, 11:06 am

This is a known problem.

Usually the antivirus programs trigger on the UPX compression. You can try renaming the UPX.exe in the AutoHotkey folder, and compile again. If you reupload the new executable to VirusTotal, you'll see lesser (or no) false positives.

HTH

Top

David Andersen

Post subject:

Posted: July 26th, 2009, 7:54 pm

Joined: July 15th, 2005, 3:19 pm
Posts: 140
Location: Denmark

Thanks for the tip n-l-i-d. I will remember that if I need to distribute an Autohotkey program widely.

Top

Murx

Post subject:

Posted: March 23rd, 2010, 12:07 pm

Might be of interest :arrow:

http://blog.nirsoft.net/2009/05/17/anti ... evelopers/

Top

PhiLho

Post subject:

Posted: March 26th, 2010, 3:10 pm

Joined: December 27th, 2005, 1:46 pm
Posts: 6837
Location: France (near Paris)

For the anecdote, I am, at work, in the process of moving from an antediluvian computer (2004, 1GB of memory, Pentium 4) to an old computer (2006, 2GB, Pentium D)...

Still a big jump in performance, particularly when I run Thunderbird, Firefox (a memory hog), Eclipse (another one), Trend Micro anti-virus, Skype, and our own Java applications for tests.

My point is: the new computer has a Trend Micro anti-virus too, except it runs on the network (well, locally, but scheduled by server, reports to server, etc.).
While I moved my files, I had a number of alerts: one on a AutoHotkeySC.bin file inside an archive: I keep, out of habit, something like 20 old versions of AHK. Only one was reported as Trojan (Generic). I removed the file. Ah, and also some compiled scripts too, perhaps with the same version.

For the record, it reported also SpyEx (a window/Windows message examination tool, but Google searches shown a Trojan of same name exists), the hook DLL of DeskProjection, and perhaps a couple of other files.

_________________

vPhiLho := RegExReplace("Philippe Lhoste", "^(\w{3})\w*\s+\b(\w{3})\w*$", "$1$2")

Top

IsNull

Post subject:

Posted: March 27th, 2010, 10:35 am

Joined: May 10th, 2007, 10:54 am
Posts: 649
Location: .switzerland

you may remember: http://www.autohotkey.com/forum/topic31975.html

_________________
http://securityvision.ch
AHK 2D GAME ENGINE

Top

Page 1 of 1

[ 7 posts ]

Board index » General » Offtopic

All times are UTC [ DST ]

Who is online

Users browsing this forum: Google Feedfetcher, Morpheus and 12 guests

You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum