Sign in to follow this  
Followers 0
Nirvana6

Second opinion on false-positive

5 posts in this topic

TraySetIcon(@ScriptDir&"\icon.ico")
While 1
    if WinExists("Google Notification") Then
        SoundPlay("C:\R2D2-yeah.wav")
        Sleep(10000)
    EndIf
WEnd

So I wrote this piece of code and saved it and compile it under mail_notification_check.exe.

I ran it for about a day; when I re-run it at a point Spybot S&D identified the compiled the script as Trojan.Bancos.prx.

Saving it under a different name , r2d2mail.exe didn't trigger the Spybot S&D warning; Avast didn't detect it at all, even after deep scanning it.

By the looks of it, it's clearly a false-positive, triggered by the name of the script ( I tried with mail.exe and notmail.exe and they were detected as well); but a second opinion would be very much appreciated.

Regards,

 


Share this post


Link to post
Share on other sites



I compiled yor sample script using the name mail_notification_check.exe. When I ran it SpyBot ignored it.

I wouldn't expect any virus checker or malicious code checker to take any notice of the exe name though that doesn't mean they don't.


Serial port communications UDF Includes functions for binary transmission and reception.printing UDF Useful for graphs, forms, labels, reports etc.Add User Call Tips to SciTE for functions in UDFs not included with AutoIt and for your own scripts.Functions with parameters in OnEvent mode and for Hot Keys One function replaces GuiSetOnEvent, GuiCtrlSetOnEvent and HotKeySet.UDF IsConnected2 for notification of status of connected state of many urls or IPs, without slowing the script.

Share this post


Link to post
Share on other sites

I compiled yor sample script using the name mail_notification_check.exe. When I ran it SpyBot ignored it.

I wouldn't expect any virus checker or malicious code checker to take any notice of the exe name though that doesn't mean they don't.

 

Thank you.


Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0