AutoitSC.bin trojan or not?

[Rick]

hi, just recently had Norton 2005 think "AutoitSC.bin" is a trojan virus,

has anyone else experienced this??

[jpm]

hi, just recently had Norton 2005 think "AutoitSC.bin" is a trojan virus,

has anyone else experienced this??

At least the Norton Corporate 9.0 version with the latest virus definition is not thinking that

[Confuzzled]

Report your false positives direct to Symantec. They should be able to update their patterns promptly if you ask in a nice way.

[CCUCAL]

hi, just recently had Norton 2005 think "AutoitSC.bin" is a trojan virus,

has anyone else experienced this??

Hi Im a new one, and I m running Norton because it automaticaly quarentyne 2 .exe created by auit2exe and found 2 "Downloader", one in AutoitSC.bin and other in the .zip of instalation.

I m going to dowload again and reistal.

[CWorks]

symantec's latest virus defs deleted all my autoit programs saying they're downloaders

this is the first false positive i've ever had with symantec

it also deleted some other programs that were definitely not trojans like it said

they were all in quarantine but this is ridiculous when programs i've had for over 10 years all of a sudden show up as trojans

[Michael McNally]

Add one more dissatisfied Symantec Corporate customer (Corporate version 9 with latest updates). Good thing this FUBAR update didn't come out a week ago, as I had some critical AutoIt executables that ran through all users login scripts. They are now deleted off the server. I had another update I wanted to push out to all my users tomorrow, but thanks to Symantec I can't. How much do you think I can sue them for?

More importantly, does anyone know where to report these false positives to Symantec? I sent an email through the customer service link on their website, but I'm not sure that's the best place to send it to.

[jp10558]

Add one more dissatisfied Symantec Corporate customer (Corporate version 9 with latest updates). Good thing this FUBAR update didn't come out a week ago, as I had some critical AutoIt executables that ran through all users login scripts. They are now deleted off the server. I had another update I wanted to push out to all my users tomorrow, but thanks to Symantec I can't. How much do you think I can sue them for?

More importantly, does anyone know where to report these false positives to Symantec? I sent an email through the customer service link on their website, but I'm not sure that's the best place to send it to.

I need to know as well, this is severly impacting my ability to push out updates to our network. It also has the effect of making the last 5 days at work or so a waste of time for me.

[Jmtyra]

Same here, "AutoItSC.bin" as a "Downloader", which I know is completely bogus.

I'll be reporting this to Symantec as a false-positive...hopefully they can get their AV defs updated soon...

[DuckNCover]

Same here, "AutoItSC.bin" as a "Downloader", which I know is completely bogus.

I'll be reporting this to Symantec as a false-positive...hopefully they can get their AV defs updated soon...

They've updated the defs to remove this false-positive. You can install the fix with this: ftp://ftp.symantec.com/public/english_us_...easedefsi32.exe.

[Valuater]

I have ACG AAbtivirus on my computer and I am sick of False Positives.. So, I have taken on the task to submit to them every time there is a problem, well they know who Valuater is now, after numerous emails and not all of them being nice about it, and one of the techs gave me his personal email...

... there hasn't been a problem since

but i hate the idea that you create a great program and then who knows which anti-virus is going to say its malware and either remove it or ask the user to remove it, as if the antivirus is a PC God,... then the developer and language appear to be "bad" in the eyes of the end user, and...

This Hurts All of Us!!!!!!

8)

[/end ramble]

Edited September 21, 2006 by Valuater

[jp10558]

I have ACG AAbtivirus on my computer and I am sick of False Positives.. So, I have taken on the task to submit to them every time there is a problem, well they know who Valuater is now, after numerous emails and not all of them being nice about it, and one of the techs gave me his personal email...

... there hasn't been a problem since

but i hate the idea that you create a great program and then who knows which anti-virus is going to say its malware and either remove it or ask the user to remove it, as if the antivirus is a PC God,... then the developer and language appear to be "bad" in the eyes of the end user, and...

This Hurts All of Us!!!!!!

8)

[/end ramble]

Any idea when this will roll out to SAV Corporate products?

[Jmtyra]

Any idea when this will roll out to SAV Corporate products?

I'm currently using defs '9/20/2006 rev. 52' and it's not flagging AutoIt anymore.

This is with SAV version 10

[herewasplato]

Any idea when this will roll out to SAV Corporate products?

It is no longer a problem (for me anyway) using the sig file dated later that same day.

Virus Definitions File Version: 9/20/2006 rev. 52

Scan engine: 61.2.1.10

SAV Program Version: 10.1.4.4010

Edit: I type too slow....

Edited September 21, 2006 by herewasplato

[Blue_Drache]

I had to downgrade from 3.2.x to 3.1.1.x and recompile for SAV to ignore my executables.

Norton users can upgrade the virus definitions by using this link: http://www.symantec.com/avcenter/download/pages/US-N95.html

Edited September 21, 2006 by Blue_Drache

[Angel]

Just wanted to let you know, if you didn't see it on the other thread, that the latest symantec virus definition file (from today, september 21st 2006) fix the issue.

Cheers,

Angel

[LongBowNZ]

Sorry to bring back an old thread but it's relevant.

The lastest AVG definitions are saying AutoItSC.bin is "Trojan Horse Generic8.GST" and I don't know where to contact them about it.

Can anyone help me out with a link or something?

[GWmellon]

Sorry to bring back an old thread but it's relevant.

The lastest AVG definitions are saying AutoItSC.bin is "Trojan Horse Generic8.GST" and I don't know where to contact them about it.

Can anyone help me out with a link or something?

This thread lists everyone I think

http://www.autoitscript.com/forum/index.php?showtopic=34658

[PerryRaptor]

Same here...my AVG just hit on *.bin file and every *.exe I've compiled with AutoIT version 3.2.8.1...

[DW1]

Its almost like there is a reason they sticky these things

[LongBowNZ]

Its almost like there is a reason they sticky these things

I read the sticky.

Found the link in the sticky.

Link in sticky didn't help at all.

Posted here hoping someone might know more.

I managed to find this:

Please try to update your AVG Free Edition and run the AVG Free Edition Complete Test again. If you suspect a file to be a false positive. Test the file at [virusscan.jotti.org] and if it is a false positive, archive (zip, arc, tar etc) the file using a password and email a copy to virus@grisoft.com with a brief description as well as the password you used to archive it with.

If it is a false positive , turn off hueristic scanning for the time being. When Grisoft adjusts the virus defintions you can turn it back on. If turning off Hueristics still doesn't allow access to the file while testing and emailing... disable the resident shield temporarily but remember to re-enable it afterwards.

TIP This may be req'd. with Win Vista OS... From the Windows menu... locate the AVG Control Center icon and right click on it then select Run As Administrator... disable the Resident Shield and then complete the rest of the above instructions.

Maybe that should be added to the sticky.

I can't upload the file to virusscan.jotti.org so I was hoping someone else could do it.