Sign In
Register
Help
hi, just recently had Norton 2005 think "AutoitSC.bin" is a trojan virus,
has anyone else experienced this??
AutoitSC.bin trojan or not?
MultiQuote
#2
- a Real GUI/debug lover
-
- Group: Developers(Dev)
- Posts: 8,585
- Joined: 03-December 03
- Location:Hauts de Seine, France
Posted 20 January 2006 - 09:56 PM
Rick, on Jan 20 2006, 09:42 PM, said:
hi, just recently had Norton 2005 think "AutoitSC.bin" is a trojan virus,
has anyone else experienced this??
has anyone else experienced this??
At least the Norton Corporate 9.0 version with the latest virus definition is not thinking that -_-
#4
Posted 20 September 2006 - 07:57 PM
Rick, on Jan 20 2006, 12:42 PM, said:
hi, just recently had Norton 2005 think "AutoitSC.bin" is a trojan virus,
has anyone else experienced this??
has anyone else experienced this??
Hi Im a new one, and I m running Norton because it automaticaly quarentyne 2 .exe created by auit2exe and found 2 "Downloader", one in AutoitSC.bin and other in the .zip of instalation.
I m going to dowload again and reistal.
#5
- Advanced Member
-
- Group: Full Members
- Posts: 124
- Joined: 06-August 06
- Location:In the garden, & feeling fine
Posted 20 September 2006 - 08:28 PM
symantec's latest virus defs deleted all my autoit programs saying they're downloaders
this is the first false positive i've ever had with symantec
it also deleted some other programs that were definitely not trojans like it said
they were all in quarantine but this is ridiculous when programs i've had for over 10 years all of a sudden show up as trojans
this is the first false positive i've ever had with symantec
it also deleted some other programs that were definitely not trojans like it said
they were all in quarantine but this is ridiculous when programs i've had for over 10 years all of a sudden show up as trojans
#6
Posted 20 September 2006 - 09:19 PM
Add one more dissatisfied Symantec Corporate customer (Corporate version 9 with latest updates). Good thing this FUBAR update didn't come out a week ago, as I had some critical AutoIt executables that ran through all users login scripts. They are now deleted off the server. I had another update I wanted to push out to all my users tomorrow, but thanks to Symantec I can't. How much do you think I can sue them for?
More importantly, does anyone know where to report these false positives to Symantec? I sent an email through the customer service link on their website, but I'm not sure that's the best place to send it to.
More importantly, does anyone know where to report these false positives to Symantec? I sent an email through the customer service link on their website, but I'm not sure that's the best place to send it to.
#7
- Member
-
- Group: Full Members
- Posts: 89
- Joined: 19-September 06
Posted 20 September 2006 - 10:12 PM
Michael McNally, on Sep 20 2006, 04:19 PM, said:
Add one more dissatisfied Symantec Corporate customer (Corporate version 9 with latest updates). Good thing this FUBAR update didn't come out a week ago, as I had some critical AutoIt executables that ran through all users login scripts. They are now deleted off the server. I had another update I wanted to push out to all my users tomorrow, but thanks to Symantec I can't. How much do you think I can sue them for?
More importantly, does anyone know where to report these false positives to Symantec? I sent an email through the customer service link on their website, but I'm not sure that's the best place to send it to.
More importantly, does anyone know where to report these false positives to Symantec? I sent an email through the customer service link on their website, but I'm not sure that's the best place to send it to.
I need to know as well, this is severly impacting my ability to push out updates to our network. It also has the effect of making the last 5 days at work or so a waste of time for me.
#9
Posted 21 September 2006 - 12:25 AM
Jmtyra, on Sep 20 2006, 02:38 PM, said:
Same here, "AutoItSC.bin" as a "Downloader", which I know is completely bogus. :angry:
I'll be reporting this to Symantec as a false-positive...hopefully they can get their AV defs updated soon...
I'll be reporting this to Symantec as a false-positive...hopefully they can get their AV defs updated soon...
They've updated the defs to remove this false-positive. You can install the fix with this: ftp://ftp.symantec.com/public/english_us_...easedefsi32.exe.
#10
- Hobbyist a passionate enjoyable activist
-
- Group: AutoIt MVPs(MVP)
- Posts: 10,868
- Joined: 28-February 05
- Location:Riverside, CA USA
Posted 21 September 2006 - 02:30 AM
I have ACG AAbtivirus on my computer and I am sick of False Positives.. So, I have taken on the task to submit to them every time there is a problem, well they know who Valuater is now, after numerous emails and not all of them being nice about it, and one of the techs gave me his personal email...
... there hasn't been a problem since
but i hate the idea that you create a great program and then who knows which anti-virus is going to say its malware and either remove it or ask the user to remove it, as if the antivirus is a PC God,... then the developer and language appear to be "bad" in the eyes of the end user, and...
This Hurts All of Us!!!!!!
8)
[/end ramble]
... there hasn't been a problem since
but i hate the idea that you create a great program and then who knows which anti-virus is going to say its malware and either remove it or ask the user to remove it, as if the antivirus is a PC God,... then the developer and language appear to be "bad" in the eyes of the end user, and...
This Hurts All of Us!!!!!!
8)
[/end ramble]
This post has been edited by Valuater: 21 September 2006 - 02:31 AM
#11
- Member
-
- Group: Full Members
- Posts: 89
- Joined: 19-September 06
Posted 21 September 2006 - 12:55 PM
Valuater, on Sep 20 2006, 09:30 PM, said:
I have ACG AAbtivirus on my computer and I am sick of False Positives.. So, I have taken on the task to submit to them every time there is a problem, well they know who Valuater is now, after numerous emails and not all of them being nice about it, and one of the techs gave me his personal email...
... there hasn't been a problem since
but i hate the idea that you create a great program and then who knows which anti-virus is going to say its malware and either remove it or ask the user to remove it, as if the antivirus is a PC God,... then the developer and language appear to be "bad" in the eyes of the end user, and...
This Hurts All of Us!!!!!!
8)
[/end ramble]
... there hasn't been a problem since
but i hate the idea that you create a great program and then who knows which anti-virus is going to say its malware and either remove it or ask the user to remove it, as if the antivirus is a PC God,... then the developer and language appear to be "bad" in the eyes of the end user, and...
This Hurts All of Us!!!!!!
8)
[/end ramble]
Any idea when this will roll out to SAV Corporate products?
#12
- Member
-
- Group: Full Members
- Posts: 33
- Joined: 04-July 05
Posted 21 September 2006 - 03:57 PM
jp10558, on Sep 21 2006, 06:55 AM, said:
Any idea when this will roll out to SAV Corporate products?
I'm currently using defs '9/20/2006 rev. 52' and it's not flagging AutoIt anymore.
This is with SAV version 10
#13
- Most Senile Poster
-
- Group: Full Members
- Posts: 4,426
- Joined: 25-January 04
- Gender:Male
Posted 21 September 2006 - 03:59 PM
jp10558, on Sep 21 2006, 06:55 AM, said:
Any idea when this will roll out to SAV Corporate products?
Virus Definitions File Version: 9/20/2006 rev. 52
Scan engine: 61.2.1.10
SAV Program Version: 10.1.4.4010
Edit: I type too slow....
This post has been edited by herewasplato: 21 September 2006 - 04:00 PM
#14
- It's like herding cats with an untrained sheep dog.
-
- Group: Full Members
- Posts: 1,991
- Joined: 19-October 04
- Location:Skei's Haven, Krynn
Posted 21 September 2006 - 05:33 PM
I had to downgrade from 3.2.x to 3.1.1.x and recompile for SAV to ignore my executables.
Norton users can upgrade the virus definitions by using this link: http://www.symantec.com/avcenter/download/pages/US-N95.html
Norton users can upgrade the virus definitions by using this link: http://www.symantec.com/avcenter/download/pages/US-N95.html
This post has been edited by Blue_Drache: 21 September 2006 - 05:50 PM
#16
- Spammer!
-
- Group: Full Members
- Posts: 299
- Joined: 27-July 07
Posted 05 October 2007 - 06:39 PM
Sorry to bring back an old thread but it's relevant.
The lastest AVG definitions are saying AutoItSC.bin is "Trojan Horse Generic8.GST" :unsure: and I don't know where to contact them about it.
Can anyone help me out with a link or something?
The lastest AVG definitions are saying AutoItSC.bin is "Trojan Horse Generic8.GST" :unsure: and I don't know where to contact them about it.
Can anyone help me out with a link or something?
#17
- Member
-
- Group: Full Members
- Posts: 50
- Joined: 27-April 07
Posted 05 October 2007 - 06:44 PM
LongBowNZ, on Oct 5 2007, 10:39 AM, said:
Sorry to bring back an old thread but it's relevant.
The lastest AVG definitions are saying AutoItSC.bin is "Trojan Horse Generic8.GST" :unsure: and I don't know where to contact them about it.
Can anyone help me out with a link or something?
The lastest AVG definitions are saying AutoItSC.bin is "Trojan Horse Generic8.GST" :unsure: and I don't know where to contact them about it.
Can anyone help me out with a link or something?
This thread lists everyone I think
http://www.autoitscript.com/forum/index.php?showtopic=34658
#20
- Spammer!
-
- Group: Full Members
- Posts: 299
- Joined: 27-July 07
Posted 05 October 2007 - 07:26 PM
danwilli, on Oct 6 2007, 06:55 AM, said:
Its almost like there is a reason they sticky these things
I read the sticky.
Found the link in the sticky.
Link in sticky didn't help at all.
Posted here hoping someone might know more.
I managed to find this:
Quote
Please try to update your AVG Free Edition and run the AVG Free Edition Complete Test again. If you suspect a file to be a false positive. Test the file at [virusscan.jotti.org] and if it is a false positive, archive (zip, arc, tar etc) the file using a password and email a copy to virus@grisoft.com with a brief description as well as the password you used to archive it with.
If it is a false positive , turn off hueristic scanning for the time being. When Grisoft adjusts the virus defintions you can turn it back on. If turning off Hueristics still doesn't allow access to the file while testing and emailing... disable the resident shield temporarily but remember to re-enable it afterwards.
TIP This may be req'd. with Win Vista OS... From the Windows menu... locate the AVG Control Center icon and right click on it then select Run As Administrator... disable the Resident Shield and then complete the rest of the above instructions.
If it is a false positive , turn off hueristic scanning for the time being. When Grisoft adjusts the virus defintions you can turn it back on. If turning off Hueristics still doesn't allow access to the file while testing and emailing... disable the resident shield temporarily but remember to re-enable it afterwards.
TIP This may be req'd. with Win Vista OS... From the Windows menu... locate the AVG Control Center icon and right click on it then select Run As Administrator... disable the Resident Shield and then complete the rest of the above instructions.
Maybe that should be added to the sticky.
I can't upload the file to virusscan.jotti.org so I was hoping someone else could do it.