- Status Closed
- Percent Complete
- Task Type Bug melden / Report Bug
- Category ISN AutoIt Studio
- Assigned To ISI360
- Operating System Windows 10 (64-Bit)
- Severity Critical
- Priority Very Low
- Reported Version 1.09
- Due in Version Undecided
- Due Date Undecided
- Votes
- Private
Opened by oscar - 24.05.2019
Last edited by ISI360 - 01.07.2019
FS#302 - "formstudio.exe" identified as "MSIL/Spy.Agent.AES" trojan by ESET Endpoint Antivirus
ESET Endpoint Antivirus (Version 7.0.2091.0) has detected "formstudio.exe" as "MSIL/Spy.Agent.AES" trojan.
https://www.virusradar.com/en/MSIL_Spy.Agent.AES/description
The log:
<?xml version="1.0" encoding="utf-8" ?>
<ESET>
 <LOG>
  <RECORD>
   <COLUMN NAME="Time">22.05.2019 08:48:24</COLUMN>
   <COLUMN NAME="Scanner">Real-time file system protection</COLUMN>
   <COLUMN NAME="Object type">file</COLUMN>
   <COLUMN NAME="Object">D:\tools\isn autoit studio\data\plugins\formstudio2\formstudio2.exe</COLUMN>
   <COLUMN NAME="Detection">MSIL/Spy.Agent.AES trojan</COLUMN>
   <COLUMN NAME="Action">cleaned by deleting</COLUMN>
   <COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN>
   <COLUMN NAME="Information">Event occurred during an attempt to access the file by the application: C:\Windows\System32\CompatTelRunner.exe (14D0DE3FF0DBD983C1D146AA9316B3D90A41D5AF).</COLUMN>
   <COLUMN NAME="Hash">C814998671ED57760AF3C23C729ACF6EAE9AA378</COLUMN>
   <COLUMN NAME="First seen here">4.05.2019 20:08:54</COLUMN>
  </RECORD>
 </LOG>
</ESET>
Sadly, there is nothing I can do about that. That's the nature of AutoIt. (False positive)
See: https://www.autoitscript.com/forum/topic/34658-are-my-autoit-exes-really-infected/
The only thing you can do is report the file in ESET as a false positive.