ltguillaume / redshift-tray

A no-frills GUI for the excellent Redshift, with some optional OS hotkeys
https://codeberg.org/ltguillaume/redshift-tray
GNU General Public License v3.0

Malware detected #15

Closed tunisiano187 closed 3 years ago

tunisiano187 commented 3 years ago

Hello, I have received a message from a Chocolatey user about a malware detection from Windows Defender. Can you tell me more about it? Thank you.

Hi latest update v1.9.9 gives a Windows Defender warning: Trojan:Win32/Zpevdo.B
file: C:\WINDOWS\System32\Tasks\Redshift Tray->(UTF-16LE)
regkey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{A1341D6B-CE51-451B-B970-C4CB9CA6736F}
regkey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Redshift Tray
taskscheduler: C:\WINDOWS\System32\Tasks\Redshift Tray

ltguillaume commented 3 years ago

See the comment at the top of the releases. These are all false positives and a well-known byproduct of the AutoHotkey interpreter. The executable is nothing more than the exact script as committed to GitHub (you can see the plain text inside rstray.exe using any text editor) run through AutoHotkey's ahk2exe.exe.
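One way to check the claim in the reply above, that the committed script is readable as plain text inside rstray.exe, is to search the binary for every code line of the script. This is an added example, not code from the redshift-tray project. It assumes the script is stored uncompressed as UTF-8 with comments and indentation stripped, and the sample script and sample binary are constructed.

```python
import re
import sys

def significant_lines(script_text):
    """Yield the AutoHotkey lines that carry code: no blank lines, no comments."""
    in_block = False
    for raw in script_text.splitlines():
        line = raw.strip()
        if in_block:                      # inside a /* ... */ block comment
            if line.startswith("*/"):
                in_block = False
            continue
        if line.startswith("/*"):
            in_block = True
            continue
        # AutoHotkey v1: a ';' preceded by whitespace starts a trailing comment
        line = re.split(r"\s+;", line, maxsplit=1)[0].strip()
        if line and not line.startswith(";"):
            yield line

def missing_from_exe(exe_bytes, script_text, encoding="utf-8"):
    """Return the code lines of the script that do NOT occur verbatim in the binary."""
    return [line for line in significant_lines(script_text)
            if line.encode(encoding) not in exe_bytes]

# Constructed sample: a small script and a fake "binary" embedding its code lines.
SAMPLE_SCRIPT = (
    "; tray helper\n"
    "#SingleInstance force\n"
    "\tRun, redshift.exe -O 3500 ; warm\n"
    "Return\n"
)
SAMPLE_EXE = (b"MZ\x90\x00" + b"\x00" * 64
              + b"#SingleInstance force\nRun, redshift.exe -O 3500\nReturn\n"
              + b"\x00" * 16)

if __name__ == "__main__":
    # Usage: python check_embedded.py <compiled.exe> <committed_script.ahk>
    exe_path, script_path = sys.argv[1], sys.argv[2]
    with open(exe_path, "rb") as f:
        exe = f.read()
    with open(script_path, encoding="utf-8-sig") as f:   # utf-8-sig drops a BOM
        script = f.read()
    missing = missing_from_exe(exe, script)
    for line in missing:
        print("not found in binary:", line)
    sys.exit(1 if missing else 0)
```

An empty result shows that the committed lines are present in the binary; it does not show that nothing else was added to it.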