Sign in to follow this  
Followers 0
Selmak

AVG AV False Positive

8 posts in this topic

#1 ·  Posted (edited)

Just a warning note that AVG Antivirus (http://www.grisoft.com) is producing a false-positive on V3 scripts as of this morning's defs. It doesn't give you any second chance either, it just zaps any compiled scripts it finds.

Edited by Selmak

Share this post


Link to post
Share on other sites



Just a warning note that AVG Antivirus (http://www.grisoft.com) is producing a false-positive on V3 scripts as of this morning's defs. It doesn't give you any second chance either, it just zaps any compiled scripts it finds.

Does any one else have any luck with this issue? I've been struck the same but not on every compiled script. I can't seem to nail it to any specific code, like registry access or file deletion. Even switching off Herustic scanning in AVG still produces a Generic Trojan false positive.

Personally i'm willing to just scrap AVG, although I've emailed them for further help. The problem is I have AutoIT compiled scripts on a lot of other machines that also use AVG.

Help anyone?

TIA ;)

Share this post


Link to post
Share on other sites

Just a warning note that AVG Antivirus (http://www.grisoft.com) is producing a false-positive on V3 scripts as of this morning's defs. It doesn't give you any second chance either, it just zaps any compiled scripts it finds.

Running Avg Professional Here/ With todays defs.

Just scanned my Compiled scripts dir / and get no probs here.

can others confirm please.

Thought this was all finished with month before last

HardCopy


Contributions: UDF _DateYearFirstChildren are like Farts, you can just about stand your own.Why am I not a Vegetarian?...Well...my ancestors didn't fight & evolve to the Top of the food chain for me to survive on Salad

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Installing a different version of AutoIt (e.g. a beta version) and recompiling will temporarily fix matters until AVG sorts things out. I understand this isn't a lot of help if you have scripts all over a LAN / WAN environment.

Can everyone posting please report what version of AutoIt are you using? AV detection problems like this in the past have been specific to one release version of AutoIt.

AVG needs to understand the structure of a compiled AutoIt EXE at least in a general way; I can help with that if needs be.

Edited by DaveF

Yes yes yes, there it was. Youth must go, ah yes. But youth is only being in a way like it might be an animal. No, it is not just being an animal so much as being like one of these malenky toys you viddy being sold in the streets, like little chellovecks made out of tin and with a spring inside and then a winding handle on the outside and you wind it up grrr grrr grrr and off it itties, like walking, O my brothers. But it itties in a straight line and bangs straight into things bang bang and it cannot help what it is doing. Being young is like being like one of these malenky machines.

Share this post


Link to post
Share on other sites

Installing a different version of AutoIt (e.g. a beta version) and recompiling will temporarily fix matters until AVG sorts things out. I understand this isn't a lot of help if you have scripts all over a LAN / WAN environment.

Can everyone posting please report what version of AutoIt are you using?

AVG needs to understand the structure of a compiled AutoIt EXE at least in a general way; I can help with that if needs be.

Im using lastest beta of autoit here.

Just scanned autoit directory too.. No Problem either. If i recall last time this happened it was zapping a few items from here.

HardCopy

I remember someone saying in aged posts AVG had addressed this..


Contributions: UDF _DateYearFirstChildren are like Farts, you can just about stand your own.Why am I not a Vegetarian?...Well...my ancestors didn't fight & evolve to the Top of the food chain for me to survive on Salad

Share this post


Link to post
Share on other sites

Thanks guys. I'll check out what version I have on my laptop and post it up here. I'm out of the city for a few days but i'll try to keep checking to see how this go's. Think I'll also try and search the archives for this happening last month too... i must've luckily missed that one!

;)

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

3.0.102.0 is definitely producing a positive, at the moment not sure if it's the only version or not.

Update: Just ran a test on a spare PC with the latest AVG defs (released 16:30 today) and it seems to have been fixed. At least, no false positive on 30.102.0 or 3.1.1.0, as far as I can see.

Edited by Selmak

Share this post


Link to post
Share on other sites

Bullguard antivirus detects au3 exe's as a trojan.

www.bullguard.com is the site.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0