Skip to main content

Adaware marks a VB program containing function CreateObject("WScript.Shell") a Trojan



  • Customer


    Thanks for directing my question to the correct forum.

    Attached you will find the Adaware report file as requested.

    I made full scans of my PC before and they all came up with no threat found.

    Also attached is a zip file containing the infected and clean versions of the file which I have compiled myself.

    As I have indicated earlier, the ONLY difference between the two files is that the infected one contains the following line:


    and the clean one does not.

    It is conceivable that many viruses or trojans may use the CreateObject("WScript.Shell") command, because it is primarily a file operations command.

    However this does not mean that all apps using this function are trojans.

    My guess is that you need to change the fingerprint for this particular trojan family ( so that it is not based on the presence of the CreateObject("WScript.Shell") command in an executable file.

    Many thanks for your kind support.



    adaware_Report_Custom_Manual_02-09-2018 124403.xml


  • Support

    Hi matmat,

    I've moved your topic to the forum for false positives.

    Please follow the guide


  • Customer

    Hi matmat,

    Thanks for providing so much detail. The detection is a false positive and will be removed within the next few updates/within a few hours.

    LS Andy


Please sign in to leave a comment.