Jump to content

AVG Reports Autoit infected

ChrisJakarta
 Share

Recommended Posts

ChrisJakarta Seeker

ChrisJakarta

Posted
Posted

The most recent virus database update to AVG marks AutoitSC.bin as infected with Downloader.Agent.AEPV. The earlier version in v 3.2.8.1 gives no problem. Checked with virusscan.jotti.org, AVG the only virsu program indicating problems.

BTW, to update the Sticky, for AVG see <http://forum.grisoft.cz/freeforum/read.php?4,104930,backpage=,sv=>

Chris

Link to comment
Share on other sites
d4rk Universalist

d4rk

Posted
Posted

they scan the signature of AutoIT, not the actual code

[quote]Don't expect for a perfect life ... Expect a least troubles ones[/quote]Contact me : ass@kiss.toWhat I Have Done :Favorites Manager Mangage your favorite's folder, that's coolPC Waker For those who want to save stickersWebScipts Supporter For those who've just started with Web and WebScriptsTemporary Looker Simple but powerful to manage your Temporary folder, you know what you downloaded[UDF] _NumberFormat() Better performance on number display[UDF] _DirGet() What a folder contain [how many (hidden,normal,...) files], with one line of code[UDF] _IsPressEs() Just like _IsPress() but for a group of keys

Link to comment
Share on other sites
ChrisJakarta Seeker

ChrisJakarta

Posted
  • Author
Posted

Getting the same thing here with AVG free since the last update 269.22.1/1349 released 29.03.2008 17.02. Is there a work around???

I have deleted the latest AutoIt version and reinstalled v3.2.8.1. This still runs OK for me, and does not trigger AVG...

Chris

Link to comment
Share on other sites
zackrspv Universalist

zackrspv

Posted
Posted

So you've sent the sample and reported to Grisoft? Have they replied yet? Thanks a lot.

WOOHOOO:

Dear Sir/Madam,

Thank you for your email.

Unfortunately, the previous virus database might have detected the

mentioned virus on some legitimate applications. We can confirm that

it was a false alarm. We have immediately released a new virus update

that removes the false positive detection on this file. Please update

your AVG and check your files again.

If you need to restore deleted files from AVG Virus Vault you can do

it this way:

- Open AVG Virus Vault (Start -> Programs -> AVG 7.5 -> AVG Virus

Vault).

- Locate the file that was incorrectly removed.

- Right click on it and choose the "Restore File(s)" option.

We are sorry for the inconvenience.

Best regards,

David Streichl

AVG Technical Support

I'm so happy they took care of that haha, and indeed my scripts ARE NOT being auto deleted on my AVG systems now :)

-_-------__--_-_-____---_-_--_-__-__-_ ^^€ñ†®øÞÿ ë×阮§ wï†høµ† ƒë@®, wï†høµ† †ïmë, @ñd wï†høµ† @ †ïmïdï†ÿ ƒø® !ïƒë. €×阮 ñø†, bµ† ïñ§†ë@d wï†hïñ, ñ@ÿ, †h®øµghøµ† †hë 맧ëñ§ë øƒ !ïƒë.

Link to comment
Share on other sites
  • 4 weeks later...
Learic Seeker

Learic

Posted
Posted

The most recent virus database update to AVG marks AutoitSC.bin as infected with Downloader.Agent.AEPV. The earlier version in v 3.2.8.1 gives no problem. Checked with virusscan.jotti.org, AVG the only virsu program indicating problems.

BTW, to update the Sticky, for AVG see <http://forum.grisoft.cz/freeforum/read.php?4,104930,backpage=,sv=>

Chris

Apparently it's starting to propagate! TrendMicro Office Scan 8.0 with Virus Pattern 5.235.00 (4/23/2008) now detects the AutoitSC.bin file as WORM_DELF.FKZ.

http://www.trendmicro.com/vinfo/virusencyc...FKZ&VSect=P

Link to comment
Share on other sites
zackrspv Universalist

zackrspv

Posted
Posted

I get the same from Trend OfficeScan: Pattern 5.235.00 Engine 8.700. :D

Kurt

I'd submit your code directly to Trend. So far, after they have fixed my scripts; i havn't had an issue on Trend/Avast/AVG/NIS/McAfee or even Kapersky.

-_-------__--_-_-____---_-_--_-__-__-_ ^^€ñ†®øÞÿ ë×阮§ wï†høµ† ƒë@®, wï†høµ† †ïmë, @ñd wï†høµ† @ †ïmïdï†ÿ ƒø® !ïƒë. €×阮 ñø†, bµ† ïñ§†ë@d wï†hïñ, ñ@ÿ, †h®øµghøµ† †hë 맧ëñ§ë øƒ !ïƒë.

Link to comment
Share on other sites
GEOSoft Universalist

GEOSoft

Posted
Posted

Will you people PLEASE rease the sticky "Are my exe's really infected?" These are false positives and this topic has been beaten to death for several years now.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites
zackrspv Universalist

zackrspv

Posted
Posted

Will you people PLEASE rease the sticky "Are my exe's really infected?" These are false positives and this topic has been beaten to death for several years now.

I don't disaggree, however sometimes it's nice to have some reassurance from the community on these types of problems; especially as they can be very damaging to our scripts/clients.

-_-------__--_-_-____---_-_--_-__-__-_ ^^€ñ†®øÞÿ ë×阮§ wï†høµ† ƒë@®, wï†høµ† †ïmë, @ñd wï†høµ† @ †ïmïdï†ÿ ƒø® !ïƒë. €×阮 ñø†, bµ† ïñ§†ë@d wï†hïñ, ñ@ÿ, †h®øµghøµ† †hë 맧ëñ§ë øƒ !ïƒë.

Link to comment
Share on other sites
GEOSoft Universalist

GEOSoft

Posted
Posted

I don't disaggree, however sometimes it's nice to have some reassurance from the community on these types of problems; especially as they can be very damaging to our scripts/clients.

I get realy sick and tired of reading posts from people who don't (or won't) read the sticy posts first. They are there for a reason and several threads have been locked for just that reason. This particular topic comes up, in one forum or another, about once a month. Or on occasion a thread that has been ded for quite some time will get revived by someone who didn't even take the time to read the whole thread they were reviving before reincarnating it.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...