FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


File detected as virus though it's not





Flakky
Hey,
I want to publish one of my files. It is an executable and AVG keeps bugging me about it being a virus.
I took the file to virustotal.com (using my laptop as I have no AV installed on my laptop) and it reported that 19 out of the 43 scans result in it being a Trojan/Cloaked Malware. Most AV use an heuristic for this file.

Sadly this file is actually a .bat file compiled using Quick Batch File Compiler. It ain't harmful. It is compiled as a ghost application (which means no window will pop up). When compiling as a console application the same happens, but this time only 8 of the 43 applications respond.

What can I do to stop programs recognizing this as a virus?

This is what I compile:
Code:
@taskkill /F /IM %1
badai
go get the latest version. they keep updating it every time there are false positive.
FunDa
That single line is the code you want to compile ?


Why do you want it to run as a compiled exe file ?

What process is it killing - itself ?



If you are sure that other commands compiled with the same program are not recognised as viruses, I think you are out of luck. Probably the same compiler was used by a lot of virus writers that the antiviruses recognized its signature as a possible virus.

Otherwise, try using autohotkey or some other easy compiler to make it.
badai
i've been using Quick Batch File Compiler for years, now someone mention autohotkey, i was kind of ecstatic to try another batch to exe converter..... only to find out it just a macro for keyboard and mouse.

hmm... at first i want to kind of explain why some people convert 1 line batch file to exe, with option to hide it. now, maybe somebody need to explain what's an executable file vs a macro.

hint: can you give someone an exe file? can you give someone AutoHotkey macro?
Flakky
@Badain, I have the latest version, sadly Sad

@FunDa, all other commands fail to compile as well without the virus software going beserk.
I compiled this and it failed
Code:
::Hurrdurr I am a comment

Can't really blame anything but the compiler.
I used this so that a program I wrote could quickly kill itself. The program will call the compiled exe and use itself as an argument. Sometimes it got in a loop I could not easily get out of. This was the easiest method.
I want it to be compiled as an exe because it looks cool and more difficult to modify.

I don't know how autohotkey is related, the word batch does not appear on the front page or do I get the impression it compiles. I don't know how this is related.

I could give the exe file if someone wants.
badai
i think AVG just want to bloated their detection rate and just include anything as a virus.

i'm using nod32. none of the files are detected as virus.

you need to complain in their forum so they can fix it on next version.
Flakky
badai wrote:
i think AVG just want to bloated their detection rate and just include anything as a virus.

i'm using nod32. none of the files are detected as virus.

you need to complain in their forum so they can fix it on next version.
19 out of 43 and it didn't include NOD32 Wink

You'll be fine but I can't make everyone change to NOD32. Forums seem dead Sad

I downloaded an other compiler and it works fine now. If anyone is interested visit f2ko.de Smile
FunDa
Flakky wrote:
@Badain, I have the latest version, sadly Sad

@FunDa, all other commands fail to compile as well without the virus software going beserk.
I compiled this and it failed
Code:
::Hurrdurr I am a comment

Can't really blame anything but the compiler.
I used this so that a program I wrote could quickly kill itself. The program will call the compiled exe and use itself as an argument. Sometimes it got in a loop I could not easily get out of. This was the easiest method.
I want it to be compiled as an exe because it looks cool and more difficult to modify.

I don't know how autohotkey is related, the word batch does not appear on the front page or do I get the impression it compiles. I don't know how this is related.

I could give the exe file if someone wants.


Good for you. So, the problem was that others used this compiler to make viruses.
The antivirus detected the compiler's signature as that of the virus.
Related topics
What to do when you get a virus
warning
Virus Problem
Won't go into windows
Zone Alarm
[Official] Security: Anti-Spyware/Virus, & Firewall
How to programming javascript in one lines ?
Scripting Language
saving of file is very slow
What do u see first in the newspaper?
McAfee. Do I really need it?
Recycler.exe - virus
A Computer Virus on Linux (informed discussions only please)
Recycler.exe Virus Help...
Reply to topic    Frihost Forum Index -> Computers -> Software

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.