| View previous topic :: View next topic |
| Author |
Message |
Lexikos
Joined: 17 Oct 2006
Posts: 2739
Location: Australia, Qld
|
 Posted: Thu Jan 17, 2008 6:10 am Post subject: |
 |
|
I just tried compiling this with a v1.0.47.04 AutoHotkeySC.bin.
| AVG: Threat Detected! wrote: | While opening file: Z:\MsgBox.exe
Virus identified Worm/Autoit.LM
|
| Ahk2Exe Error wrote: | Error: Unable to create the compiled archive.
|
I had to use 7-zip to extract the bin file from the installer, since I didn't have the old zip version.
Scripts compiled with v1.0.45.04 are not detected as viruses, at least for me. I guess only v1.0.47.04 matched the virus signature. Perhaps someone wrote a virus with this version of AutoHotkey and it was reported to AVG.
I'm curious about why "Autoit" is in the name, given that I used the same version of Ahk2Exe and different versions of AutoHotkeySC.bin...
I've sent a sample (MsgBox.exe) to AVG.
Edit: btw, the description for Ask for Help is
| Quote: | | Ask questions and (hopefully) get answers. |
NOT | Quote: | | Ask for help with scripting |
That aside, anti-virus false positives prevent users from running the scripts. It is a problem that needs a solution, and it relates directly to AutoHotkey. I strongly suggest that this thread belongs in Ask for Help.
[Mod edit: yes I think so too; I guess another moderator thought there was a conflict of interests earlier on in this discussion] |
|
| Back to top |
|
 |
Lexikos
Joined: 17 Oct 2006
Posts: 2739
Location: Australia, Qld
|
| Posted: Thu Jan 17, 2008 12:14 pm Post subject: |
|
|
| AVG Technical Support wrote: | Dear Sir/Madam,
Thank you for your email.
We have analyzed the file you have sent to us and it is false
detection. This issue will be fixed in next update as soon as
possible.
Please accept our apologize for any inconvenience this may cause to
you.
If there are any other suspicious files, please feel free to contact
us again.
Thank you for your cooperation. |
|
|
| Back to top |
|
|
ManaUser
Joined: 24 May 2007
Posts: 906
|
| Posted: Thu Jan 17, 2008 5:17 pm Post subject: |
|
|
| Ah, good that this is (hopefully) taken care of. |
|
| Back to top |
|
|
POINTS
Joined: 17 Jan 2006
Posts: 284
|
| Posted: Tue Feb 12, 2008 9:19 am Post subject: AVG |
|
|
For anyone having this problem again, I was able to use my compiled code when I rolled back to 1.0.47.3. (I don't have 1.0.47.4 but that might work too.)
_________________
My AutoHotkey Program for Warcraft III:
Warkeys
http://warkeys.sourceforge.net/
Remap your hotkeys
Healthbars always on
Remap inventory |
|
| Back to top |
|
|
BikerDude
Guest
|
| Posted: Sun Feb 24, 2008 2:42 pm Post subject: |
|
|
Just did a scan with http://virusscan.jotti.org/ and got 2 hits
Scan taken on 24 Feb 2008 14:21:50 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found Troj.Spy.W32.Agent.bdw
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found Trojan-Spy.Win32.Agent.bbg
So there still some out that causing this issue |
|
| Back to top |
|
|
Guest.2
Guest
|
| Posted: Fri Mar 07, 2008 9:48 am Post subject: |
|
|
Still got Hits with
eSafe 7.0.15.0 2008.03.06 suspicious Trojan/Worm
Ikarus T3.1.1.20 2008.03.07 Trojan-Spy.Win32.Agent.bbg
Panda 9.0.0.4 2008.03.06 Suspicious file
CPsecure Troj.Spy.W32.Agent.bdw (this one from jotti)
weird:
NOD32v2 2928 2008.03.06 archive damaged
using 1.0.47.05
Now I'm using 1.0.46.17 again, no false positives so far. I habe no choice than to avoid those alerts. |
|
| Back to top |
|
|
Oberon
Joined: 18 Feb 2008
Posts: 453
|
| Posted: Fri Mar 07, 2008 1:44 pm Post subject: |
|
|
| The best course of action is to use and distribute text scripts instead of compiled ones. AutoHotkey.exe is the only required dependency. |
|
| Back to top |
|
|
CuriousUser
Guest
|
| Posted: Thu Apr 03, 2008 8:00 pm Post subject: Autoit.ABB in AVG |
|
|
| So they updated AVG and now it detects the Worm\Autoit.ABB in warkeys. I emailed AVG with no response yet. Any Idea as to why this is happening ? I cant set my keys currently because AVG will not let me access the file. |
|
| Back to top |
|
|
AnotherCuriousGuest
Guest
|
| Posted: Sun Apr 13, 2008 2:58 am Post subject: |
|
|
Ya I'm having the same trouble as "CuriousGuest"
I just updated to the newest version of both warkeys and avg and I get Threat Detected! Warkeys.exe ... virus identified Worm / Autoit.ABB |
|
| Back to top |
|
|
ahklerner
Joined: 26 Jun 2006
Posts: 1249
Location: USA
|
| Posted: Sun Apr 13, 2008 3:01 am Post subject: |
|
|
I looked for the post by "CuriousGuest" and could not locate it.
_________________
ʞɔпɟ əɥʇ ʇɐɥʍ |
|
| Back to top |
|
|
AnotherCuriousGuest
Guest
|
| Posted: Sun Apr 13, 2008 10:10 pm Post subject: |
|
|
| sorry i meant "CuriousUser" ... the post directly above mine |
|
| Back to top |
|
|
TecnoCR
Guest
|
| Posted: Sun Aug 17, 2008 2:53 pm Post subject: |
|
|
| For my was on a corporate network, and it's not detected as a virus but detected as a possible threat, script creating copiled exe, basic virus behavior. I have the rules and keys that needs to be created for Symantec Corporate, if any body is interested. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
