AutoHotkey Community

[Buckie]

I used smart GUI....It likes to send me to paypal, even when im not useing it...for some reason...I think, if you program free software you should not send peoples computers to places where they pay for stuff...I really think this program should be rewritten without this "feature" or banned from autohotkeys command refrence

[Lexikos]

[Rajat]

lexiKos is right. SGUI doesn't contain anything that'd do that. Its open source and you can compile your own copy to be sure that you have a clean application.
_________________

[Buckie]

I very strongly doubt that (#2). I have never had any Critical outgoing messages like this, I downloaded the software from "official" site, and even if it is possible to see the source code. Its not hard to add some extra lines to the compiled version, and not in the sourcecode. I think that even if I did a string search for "yahoo" or paypal in my SmartGUI.exe, and posted here, you state that it is my version (downloaded straight from http://www.autohotkey.net/~rajat/SGUI/index.html#Download) that might be "bugged"

I cant see why this file (smartgui.exe) should be attacked, it has never been "outsite" my computer since i downloaded it and why my firewall tells me that smartgui.exe is trying to launch mozilla to go to paypals or some wierd yahoo tool bar search.

Im really trying hard to understand, HOW this could happen

[SKAN]

I downloaded a copy 3 days back and it does not do anything that you claim.

[Rajat]

SGUI has a big userbase, and its just you who is facing that error… that should tell something. If my saying so means anything to you, I’ve not put in anything that could be said to be a malware in SGUI. Some hosting sites also tested for such things before hosting it.

And as SKAN said, you could upload your copy and have somebody (besides me) test it for you on another system. Maybe that app is clean and something else is the cause (and its just a hunch, but maybe you should read about process hijacking etc.), or maybe the copy you hold is tampered.
_________________

[Rhys]

Just wanted to add that I've never experienced a bit of trouble with SmartGUI.
_________________
[Join IRC!]

[Buckie]

Well, I might be the only one who noticed it yet. Im not saying that anyone put malware in anything. Im just wondering, Why it does that - because its not normal behavior ?

If my system was fubar, I would not notice something like this - I notice it because its something that never happend to me before (atleast in the last 5 years or so), anyone who would like to test the the exe file can download it at

http://w15.easy-share.com/1699762517.html

[Azerty]

[Buckie]

Well I did scan the exe, it found no string in the file matching the links - I was mostly curious to as why it did it. It seems pretty weird, that a application start to launch firefox to get visit paypals. And since Autohotkeys have a rumor for containing virus, malware w/e. I wanted to post it inhere, so we could figure out why it did it ? (and ofc i was pissed after getting these outgoing msg from the program)

What bothers me about it is, I cant figure out "what" did it. What made it do this. I mean, how can a lets say, a virus (trojan or any other malware) contact SmartGui, and tell Smartgui.exe to launch my browser, and then go to paypal. Im sure its doable, but noone in their right mind would bother to write a virus/malware that does that.

the only other thing that can come into my mind would be a hacker attack.But a hacker with full access to my computer (in case he got in) would have no use of the SmartGui Application for his purposes.

So...why did SmartGui try to launch these pages ? WHY !?!!?

Rajat im sorry about being so fast on the trigger but I felt pretty sure that there was programmed some kind of malware into your software - I really like the program:P

Btw, that strings program is really hot little tool ill keep that one for later

[Rhys]

Your exe: ED172301
My exe: ED172301
_________________
[Join IRC!]

[Buckie]

so its the same, the screen still speaks for itself - the remote mac adresse is the same, tbh im no network expert, but does this mean anything ?

[Rhys]

Disclaimer: I'm no expert

It sounds to me like the issue is isolated to your machine - No one else seems to have experienced the problem and the app has been around the community for a while and (I think) is widely used. While it is closed source (right?) it is my opinion that Rajat would not provide anything close to malware. The message on your screen does not support my opinion, so maybe an expert can sort out what's really happening.

P.S. even though the CRC are the same, I just ran your executable to test - No issues noted.
_________________
[Join IRC!]

[Oberon]

What's the email address of the PayPal account it sends you to?

[Lexikos]