| View previous topic :: View next topic |
| Author |
Message |
corrupt
Joined: 29 Dec 2004
Posts: 2419
|
 Posted: Sun Mar 11, 2007 7:20 pm Post subject: |
 |
|
Thanks for the link. AVG is showing recently compiled scripts on this PC as TROJAN HORSE GENERIC3.HTN  . Although I'll probably inform them it proabably wouldn't hurt if AutoHotkey's developer(s) dropped them a line also...
Edit: Interestingly, I restored the file and it seems that the file was corrupted. Compiling the file again from source seems to solve the issue but I didn't update AHK before compiling again... |
|
| Back to top |
|
 |
jballi
Joined: 01 Oct 2005
Posts: 361
Location: Texas, USA
|
| Posted: Mon Mar 12, 2007 12:26 am Post subject: |
|
|
I received this reply from AVG Technical support today...
| Quote: | Thank you for your email.
Unfortunately, the previous virus database might have detected the virus (Trojan Horse) on some legitimate applications. We can confirm that it was a false alarm. This false detection will be fixed in the next virus database update. Please update your AVG and check your files again.
If you need to restore deleted files from AVG Virus Vault you can do it this way: open AVG Virus Vault (Start -> Programs -> AVG Antivirus -> AVG Virus Vault). Locate the file that was removed, right click on it and choose "Restore File(s)" option.
We are sorry for the inconvenience.
Best regards,
David Rohlik
AVG Technical Support
|
I checked. No, not yet. Hopefully they will resolve the problem in the next couple of days.
Them be my thoughts... |
|
| Back to top |
|
|
corrupt
Joined: 29 Dec 2004
Posts: 2419
|
| Posted: Mon Mar 12, 2007 1:49 am Post subject: |
|
|
| Thanks for the update. Unfortunately I ended up losing a few files on my laptop that I had deleted the scripts for. AVG on my laptop was apparently set to delete by default... |
|
| Back to top |
|
|
Grumpy
Guest
|
| Posted: Mon Mar 12, 2007 10:35 am Post subject: |
|
|
AntiVir is annoying because of these false alerts and some other issues (the daily ad page, no scan over network, etc.).
I switched to Avast! and it seems much better!  |
|
| Back to top |
|
|
corrupt
Joined: 29 Dec 2004
Posts: 2419
|
| Posted: Mon Mar 12, 2007 11:08 pm Post subject: |
|
|
Although it may not be AHK that's causing the issue, I have found 3 machines now where the files quarantined by AVG files turned out to be corrupted. Updating to the latest version of AHK on XP Pro SP2 seems to allow compiling scripts again on at least 1 machine tested but I've tried the last 3 releases on Vista and AVG will complain on each of them when trying to compile. So, ATM I can't seem to compile using Vista but can compile using XP then move the compiled file to Vista Ok...  |
|
| Back to top |
|
|
Antoine92
Guest
|
| Posted: Tue May 15, 2007 5:57 am Post subject: |
|
|
Some new false positives by AVG since this morning after latest virus db update. With all exe files generated by AHK compiler, AVG believes to recognize the following malware :
| Code: | | Trojan horse Generic4.IRO |
|
|
| Back to top |
|
|
thd
Guest
|
| Posted: Tue May 15, 2007 7:31 am Post subject: |
|
|
At my work AVG also reported this trojan (Trojan horse Generic4.IRO) in all compiled AHK scripts (and also the .BIN file in the AHK folder) since this morning. Updating to the latest AHK version and recompiling fixed the problem.
Thank god I have a script that automatically recompiles and puts the files on the network... I wouldn't want to have to recompile the script on 50 PC's. |
|
| Back to top |
|
|
Antoine92
Guest
|
| Posted: Tue May 15, 2007 7:55 pm Post subject: |
|
|
| Just a post to confirm what thd wrote : no more false positive with AVG and the latest AHK build. Thanks thd. |
|
| Back to top |
|
|
POINTS
Joined: 18 Jan 2006
Posts: 284
|
| Posted: Thu May 17, 2007 4:26 am Post subject: AVG |
|
|
AVG said that Autohotkey.exe was a virus. I have the latest build (I think) but when I scan it manually it says it's okay so hopefully AVG won't bug me any more.
It's kind of lame when you think about it. It's like saying "python.exe" is a virus because someone wrote a script that acts as a virus. Pretty lame Anti-virus guys...
_________________
My AutoHotkey Program for Warcraft III:
Warkeys
http://warkeys.sourceforge.net/
Remap your hotkeys
Healthbars always on
Remap inventory |
|
| Back to top |
|
|
ashraf
Guest
|
| Posted: Wed Apr 23, 2008 11:37 pm Post subject: Re: AntiVir False Positives with EXE made with AHK 1.0.46.08 |
|
|
| Dragyn wrote: | Just an FYI, never saw this in previous versions of AutoHotkey's compiled executables. The virus was added to AntiVir last year in August, so I'm pretty sure its a change in AutoHotkey.
The virus reported to be found is:
TR/AutoIt
This is with the latest free home version of AntiVir http://www.free-av.com/
I'm guessing that some specific byte code that AntiVir is using to identify the AutoIt Trojan is being identified in executables generated with the latest version of AutoHotKey. (Since AutoHotkey is an AutoIt derivative I believe, that makes some possible sense?)
For now I set an exception in AntiVir to not scan my AutoHotKey generated EXE files, but that always makes me nervous in case they did get infected with some other virus in the future.
Not sure if there's anything you can do about it, or if its something AntiVir has to adjust (or if you could help them with what they need to fix) but thought I'd post here as an FYI. |
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
