I just ran Windows Live OneCare's "Protection" scan, and it deleted all of the *.exe files that I had compiled from *.ahk scripts!!! Furthermore, it did so without asking for permission. Once you start the process, it just demolishes whatever it thinks is a problem. I guess it assumes it knows better than you.
None of my compiled scripts have been flagged by any other virus scanner I have used (AntiVir, AVG, ClamWin). Most or all of them were compiled using AHK 1.0.44.07. I don't know if scripts compiled with a later version will also upset Windows Live OneCare or not, but it's a pretty safe bet that I won't be the one to find out.
Warning: "Windows Live OneCare" hates AHK!!!
Started by
meter
, Jan 29 2007 05:08 AM
6 replies to this topic
It might be related to AHK's malware - same as mIRC!?, but at least I had the choice of doing something or ignoring the alert.
Check your settings, it should be possible to change the default to something less strict, otherwise it is a good candidate for the trash can...
And perhaps instead of deleting the files, it has moved them to quarantine, in some folder.
Check your settings, it should be possible to change the default to something less strict, otherwise it is a good candidate for the trash can...
And perhaps instead of deleting the files, it has moved them to quarantine, in some folder.
#2
-
Posted 29 January 2007 - 08:59 AM
vPhiLho := RegExReplace("Philippe Lhoste", "^(\w{3})\w*\s+\b(\w{3})\w*$", "$1$2")
AntiVir sometimes flags my compiled AHK scripts too, but atleast it gives me a choice...
Windows Defender - on the other hand - removes everything it considers 'high' or 'severe' risk per default, no questions asked...
Windows Defender EULA
Apparently you can change the settings to ask you first...
Windows Defender - on the other hand - removes everything it considers 'high' or 'severe' risk per default, no questions asked...
Windows Defender EULA
Any potentially unwanted software rated “high” or “severe” will automatically be removed after scanning unless you change the default setting.
Apparently you can change the settings to ask you first...
#3
-
Posted 29 January 2007 - 08:34 PM
The problem is that Microsoft has a conflict of interest. AutoHotkey can directly compete with VBScript and WSH. So having one of its product's kill its competition would "work well" for them.
You have to send e-mail and call any Anti-Virus companies and tell them not to flag an entire scripting language. When was the entire programming lanugage of C++ or Perl flagged as a virus?
Send e-mail and complain about what they are doing. Its obviously not right.
You have to send e-mail and call any Anti-Virus companies and tell them not to flag an entire scripting language. When was the entire programming lanugage of C++ or Perl flagged as a virus?
Send e-mail and complain about what they are doing. Its obviously not right.
#4
-
Posted 31 January 2007 - 04:54 AM
Wouldn't this thread better fit at the 'General Chat'? Can't see why a Warning! should be seen as a recommandation for a utility (what this section IMHO is about)!??
#5
-
Posted 31 January 2007 - 07:50 AM
Aah, the good old conspiracy theme! :-DThe problem is that Microsoft has a conflict of interest. AutoHotkey can directly compete with VBScript and WSH. So having one of its product's kill its competition would "work well" for them.
If so, why WSH precisely allows any other language to enter this framework? ;-) And as you point out, other scripting languages like Perl doesn't seem to have this problem, it is just that the signature of a virus/trojan (just a bunch of bytes) is also found in compiled scripts. Just a coincidence, but an annoying one.
#6
-
Posted 31 January 2007 - 08:42 AM
Just to clarify, I had this problem with Windows Live OneCare safety scanner -- Microsoft's free Internet-based security service. It wouldn't surprise me at all if it uses some of the same detection algorithms, etc. as Windows Defender. However, as near as I can tell there is no way to set it to 'ask before delete.'Windows Defender - on the other hand - removes everything it considers 'high' or 'severe' risk per default, no questions asked...
[snip]
Apparently you can change the settings to ask you first...
#7
-
Posted 31 January 2007 - 02:34 PM
-Meter