Count me in Posted July 23, 2020 Posted July 23, 2020 (edited) I'm curious what people think about this. I opened osbot and my anti-virus quarantine and removed this: Behavior:Win32/Atosev.A!sms. It appears to be a trojan. It was through the java.exe through program files. I have only official scripts Thoughts? False positive? Actual malicious malware? Edited July 23, 2020 by Count me in
Protoprize Posted July 23, 2020 Posted July 23, 2020 12 minutes ago, Count me in said: I'm curious what people think about this. I opened osbot and my anti-virus quarantine and removed this: Behavior:Win32/Atosev.A!sms. It appears to be a trojan. It was through the java.exe through program files. I have only official scripts Thoughts? False positive? Actual malicious malware? It's a false positive Some A/V software will look for code that injects into other programs, and since osbot is literally injecting a payload into the osrs client to bot, your A/V thinks it's doing something malicious
Count me in Posted July 23, 2020 Author Posted July 23, 2020 1 minute ago, Protoprize said: It's a false positive Some A/V software will look for code that injects into other programs, and since osbot is literally injecting a payload into the osrs client to bot, your A/V thinks it's doing something malicious Thanks for the fast response. Why would it happen at random when I've opened scripts/clients hundreds of times? Why THAT time?
Protoprize Posted July 23, 2020 Posted July 23, 2020 2 hours ago, Count me in said: Thanks for the fast response. Why would it happen at random when I've opened scripts/clients hundreds of times? Why THAT time? Because osbot needs to download files for the scripts, and if the program already suspects the client itself to be malicious, it will react the same when it tries to download anything. Just add it to your exception list and you should be fine
K1ngsterZ Posted July 26, 2020 Posted July 26, 2020 On 7/23/2020 at 7:55 AM, Count me in said: I'm curious what people think about this. I opened osbot and my anti-virus quarantine and removed this: Behavior:Win32/Atosev.A!sms. It appears to be a trojan. It was through the java.exe through program files. I have only official scripts Thoughts? False positive? Actual malicious malware? As others have stated, completely normal to get false positives. Especially if using just windows defender etc.
