Main Area and Open Discussion > General Software Discussion

VirusTotal marking each and every AutoHotKey exe as Virus !!

(1/5) > >>

anandcoral:
Well for last few days, I am trying different combination of making exe to satisfy VirusTotal.

Refer https://www.donationcoder.com/forum/index.php?topic=49317.msg434859#msg434859 of my NANY 2020 app Apps You Forgot.

No matter how I code or create the exe from AutoHotKey, VirusTotal is always marking 4 to 9 engines detected virus. I checked my earlier NANY apps and they are also marked now more than 10 engines.

Even without any exe packer, they are marked as virus warnings. I even checked many packers, older and newer, for confirmation, but all are marked not okay.

Then I checked ISMONISM https://www.donationcoder.com/forum/index.php?topic=49299.msg434768#msg434768, which Winkie is providing source code also (many thanks to him for this kind gesture), knowing very well that there is no bad code (we can see the codes) and it is non-packed exe. But alas it is also marked 4 engines virus !
https://www.virustotal.com/gui/file/642eabc63829c925f4e999efdee7f944701c17cd1da9bbd82e49b0db0405bba0/detection
I used Winkie's code as it is also written in AutoHotKey and source code is also provided for all to see.

So what should I do ?

I normally mention below in my app's websites and continue, as otherwise I can not create exe in AutoHotKey now.


--- ---Anti-Virus reports malware (what to do?) :

Delete the exe and it's folder. There is nothing we can do as this is false alert and we do not have resource to request all Anti-Virus companies to update their database. Similar problem is faced by small developers worldwide, check below links,

Nir's Blog

You can see the last scan result of the exe from Virus Total web site and will find that major Anti-Virus report it as clean.

I am adding few features to my app "Apps You Forgot", but devoted more time to understand why VirusTotal  is jumping on simple AutoHotKey codes. Looks like we have to live with it.

Regards,

Anand

BGM:
anandcoral, I was having trouble compiling my Systemus - which is also in autohotkey.  I had to add the ahk2exe application to the exclusion list for MSE in order to compile.  I've never had to do this for any autohotkey program before.  I suspect something has been changed in the recent virus definition lists.

anandcoral:
Yes, I have also faced many problems using AVG along with irritating focus capturing popups, and have stopped all and use only Win Defender now.

So compile is passed but results of VirusTotal is problem for us now  >:(

Regards,

Anand

BGM:
Last year, @oblivion told me he had my TextWorx reclassified by EMSI Antimalware.  He had to email it to them, and they reclassified it.  TextWorx is ahk, too.

publicdomain:
Well, the ultimate answer is to do an AHK transpiler to a technology that outputs "Antivirus-friendly" executable files.

i.e. AHK => C# or VB.NET => Compiled .exe file, indistinguishable from other native programs  :)

https://en.wikipedia.org/wiki/Source-to-source_compiler

Navigation

[0] Message Index

[#] Next page