Main Area and Open Discussion > General Software Discussion
Idea: File note
Armando:
Can't you setup avast to just ignore these files?
Cuffy:
I haven't tried to ignore it. I would like to identify the problem.
Avast identifies Win32:Agent-QYH [trj] in each exe file. Google has nothing on that trojan nor does TrendMicro Housecall. Housecall doesn't scan for it??
I burned filenoter.zip to CD on 8 Dec and opening that archive I get the wailing again so what ever is in that file has been there since day one and Avast now sees a trojan in there. Is Avast ahead of the pack in identifying a new trojan before the other apps have included it? Avast auto-updates several times a day so that's a posibility.
A little time will tell, I hope!
:)
Armando:
hummmm. NOD32 doesn't see a trojan in there... And my firewall(s) (Comodo / Online Armor) never detected any suspicious activity.
Could you submit these files to avast ? http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=199
Nod5:
Hi Cuffy and others,
I haven't checked this thread for a while so I've missed some discussions. To reply to the most recent issue, filenoter.exe is written in the Autohotkey (AHK) language and compiled with the tool ahk2exe that come bundled with AHK. It is a well known issue that such compiled scripts from time to time get flagged by various AV and other security software as some form of malware despite not being anything of that kind.
See this thread in the AHK forum for some examples: http://www.autohotkey.com/forum/topic27562.html
Since is is possible to write malware with AHK (or any other language) it is a good to be careful if an AHK application gives these kinds of AV-warnings. But in many cases the AHK application is distributed together with the source code and then the matter can easily be settled by glancing through the source to assure no harmful code is included and then compile it yourself. If the resulting .exe still gives AV-warnings then it can be treated as a false positive and added to the exclusions in the AV-program.
The source for filenoter.exe is included in the .zip posted previously in this thread so feel free to check it out.
Cuffy:
Thanks Armando and Nod,
I've just now sent filenoter.exe to Avast and hopefully they can shed some light on the problem.
I'm getting more confused by the minute. I burned a copy of filenoter.zip to CD shortly after I downloaded it from DC. If I'm using the right tool and doing it correctly the hash supplied in the zip and the one generated here don't match? I don't understand that?
Other AV scanners blow right by filenoter.exe without issue.
During the course of this little escapade filenoter, filenotes by GiorgosK , Universal Viewer and maybe other items have been removed from my context menu. They all show in the registry but won't display in the context menu. The AV scan in the context menu stopped working. I just installed Clam AV which installed a context menu entry. That won't work either?
I've obviously got some corruption that has screwed up my context menu. Removing and reinstalling these items hasn't made any difference. I'm facing a Repair install of XPPro64.......... ARRGGGGGGGGG!!!
:(
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version