Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate
Photo

Trojan.Antavmu detected in AutoHotKey


  • Please log in to reply
3 replies to this topic
apao
  • New members
  • 2 posts
  • Last active: Aug 15 2015 07:44 PM
  • Joined: 12 Aug 2015

Hello everyone,

 

I have just downloaded the AutoHotKey installer (directly from autohotkey.com) and when I scan it on virustotal.com, the antivirus VBA32 detects Trojan.Antavmu as you can see here :

https://www.virustot...sis/1439414943/

 

I have been thinking it might be a false positive so I installed it.

But I have been scanning each exe after installation (on virustotal.com) and the same Antavmu is then found in 2 of them (Ahk2Exe.exe and AU3_Spy.exe), by 2 antivirus this time (VBA32 and Zillya), as you can see here :

https://www.virustot...510f3/analysis/

https://www.virustot...dd82d/analysis/

 

Would you have any explanation for it?

 

Thanks for sharing knowledge.



Xtra
  • Members
  • 954 posts
  • Last active: Jul 23 2016 09:04 PM
  • Joined: 29 Sep 2013

From your 1st link:    Probably harmless! There are strong indicators suggesting that this file is safe to use.

 

When you use a site like virustotal.com i wouldnt trust some of antivirus programs they list.

 

I just checked my ahk2exe.exe and it gave the same 2 as you posted.

VBA32    Trojan.Antavmu
Zillya   Trojan.Antavmu.Win32.7010 

Never heard of vba32 or zillya most likely cause they are junk AV.

 

Anyways nothing im worried about its just a false positive.

 

 

Faq notes:

VirusTotal is detecting a legitimate software I have developed, please remove the detections 

VirusTotal acts simply as an information aggregator, presenting antivirus results, file characterization tool outputs, 
URL scanning engine results, etc. VirusTotal is not responsible for false positives generated by any of the resources it uses, 
false positive issues should be addressed directly with the company or individual behind the product under consideration. 

We can, however, help you in combatting false positives. 
VirusTotal has built an early warning system regarding false positives whereby developers can upload their software to a private store, 
such software gets scanned on a daily basis with the latest antivirus signatures. 
Whenever there is a change in the detections of any of your files, you are immediately notified in order 
to mitigate the false positive as soon as possible.
 


SnowFlake_FlowSnake
  • Members
  • 845 posts
  • Last active: Jan 24 2016 05:24 PM
  • Joined: 08 Oct 2012

AutoHotkey is open source software so if you are unsure you can look in to the code itself


  • Download link of my scripts on Autohotkey.com 2/10/2015 [DOWNLAND]
  • Contact Info:  https://github.com/floowsnaake //  FloowSnaake(A)gmail.com
  • IF you need Help send me a PM,Email or Post on Github

  • Quote by tank  Posted 29 September 2015 - 06:14 PM

  • "Eventually i will find a way to convert the DB back to PHPBB3. but i dont have the bandwidth right now. No one that has tried has had success. It is the Only way i can keep this open is if i could successfully convert it."

apao
  • New members
  • 2 posts
  • Last active: Aug 15 2015 07:44 PM
  • Joined: 12 Aug 2015

Thanks for your answers!