search

Pulover / PuloversMacroCreator

Automation Utility - Recorder & Script Generator
http://www.macrocreator.com
Other
1.68k stars 236 forks source link

Windows Security Threat Quarantined #112

Open shai opened 4 years ago

shai commented 4 years ago

Hello,

Why would this software, after installed be found by Windows Security to have a Trojan:Win32/Zpevdo.B


Detected: Trojan:Win32/Zpevdo.B
Status: Quarantined
Date: 9/26/2020 11:35 AM
Details: This program is dangerous and executes commands from an attacker.
Affected items:
file: C:\Program Files\MacroCreator\MacroCreator.exe
file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator\Pulover's Macro Creator.lnk
startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator\Pulover's Macro Creator.lnk
ozzhates commented 4 years ago

Hello, I don't know if this applies to your case but AutohotKey has been know to throw up a false positive with some antivirus software companies. If you peruse AutohotKey forums the community even kept a list of vendor companies that are known to test as false-positives. Lastly as a tip if you ever question a software you can block its telemetry via firewall rules to aid in easing your mind of malice until further resolve.

Dany-R commented 4 years ago

I have read that AutoHotKey forum, but the previous releases from 5.0.5 to 5.2.0 are not having that "security issue" in Windows 10 Security, so it seems to me a new issue (on both, setup and portable archive). Would it be possible that something like a scan through VirusTotal can be done as a last step in the CI/CD process? There the result would be shared between scanner manufacturers. afaik, by Terms&Conds I'm not allowed to let your archive being scanned since it is not owned by me. Cheers, Dany

Dany-R commented 4 years ago

I let VirusTotal scan the exe nevertheless and here's the result: MacroCreatorEXE_VirusTotal

Pulover commented 4 years ago

https://www.macrocreator.com/2020/09/28/version-update-5-2-3/

ghost commented 3 years ago

yeah, I installed the software then it disappeared completely ! It was not found in my anti-virus quarantine either !! Downloaded a couple of times afterwards and install again and the exactly same thing happened !!

Just to be on the safe side I will have no choice but reinstall the OS

Pulover commented 3 years ago

@techcom78 have you tried the portable version?

ghost commented 3 years ago

The point is I have downloaded the file and just after the installation process it disappeared. I need to know exactly what has happened to the file other wise it will have to be a clean install.

Sent from ProtonMail mobile

-------- Original Message -------- On 6 Jan 2021, 19:56, Rodolfo U. Batista wrote:

@techcom78 have you tried the portable version?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.