VaultGuy

Members
  • Posts: 5
Everything posted by VaultGuy

  1. I don't know if someone already suggested this: Get a code signing certificate from a certificate authority (Thawte, GlobalSign, etc.) and use it to digitally sign your applications. Usually costs around $200-300 per year (just had a quick glance). Usually AV solutions monitor the certificates issued by a CA and trust the applications signed with official certificates automatically. Even if that's not the case, many AV solutions use a reputation system for the heuristic analysis of files. Having a digital signature would improve the chances of your file being detected as "good". If you want to use your software in any commercial way or in a professional environment, code signing would be the best way to get along with AV solutions.
  2. Hey thanks, works for me, too
  3. JohnOne, thanks for your feedback. It helped much to get me on the right track. I kind of worked around it:

         Opt('WinWaitDelay', 10)
         Run("procmon.exe /Nofilter /accepteula /Quiet /Minimized /BackingFile ProcmonTrace.PML", "", @SW_HIDE)
         $ProcMonWindowHandle = WinWait("[CLASS:PROCMON_WINDOW_CLASS]")
         WinSetState($ProcMonWindowHandle, "", @SW_HIDE)

     @SW_HIDE from the Run command doesn't work, but "Opt('WinWaitDelay', 10)" hides the window immediately. There's only a minimal flicker of the script in the task bar and that's it. Good enough for me ... Thanks for the help.
  4. Hi JohnOne, thanks for your reply. Procmon indeed asks for admin. In this small example #RequireAdmin fixed the issue:

         #RequireAdmin
         $ProcMonWindowHandle = WinWait("[CLASS:PROCMON_WINDOW_CLASS]", "", 3)
         If $ProcMonWindowHandle = 0 Then MsgBox(1, "Error", "Error")
         WinActivate($ProcMonWindowHandle)
         Sleep(1000)
         WinSetState($ProcMonWindowHandle, "", @SW_HIDE)
         Sleep(2000)
         WinSetState($ProcMonWindowHandle, "", @SW_SHOW)

     My initial script which runs procmon had the following wrapper directive:

         #AutoIt3Wrapper_Res_requestedExecutionLevel=requireAdministrator

     I thought this was enough to carry the permission level to the procmon child process. When I add #RequireAdmin, I'm able to use WinSetState correctly. But the initial @SW_HIDE command still doesn't work:

         Run("procmon.exe /Nofilter /accepteula /Quiet /Minimized /BackingFile ProcmonTrace.PML", "", @SW_HIDE)
  5. Hi guys, I'm trying to run procmon ( https://technet.microsoft.com/en-gb/sysinternals/bb896645.aspx ) hidden, so I tried the following:

         Run("procmon.exe /Nofilter /accepteula /Quiet /Minimized /BackingFile ProcmonTrace.PML", "", @SW_HIDE)

     @SW_HIDE doesn't work and procmon always runs in a minimized window. Procmon in general doesn't seem to respond to "hide" commands. I just started procmon and then this code to test it:

         $ProcMonWindowHandle = WinWait("[CLASS:PROCMON_WINDOW_CLASS]", "", 3)
         If $ProcMonWindowHandle = 0 Then MsgBox(1, "Error", "Error")
         WinActivate($ProcMonWindowHandle)
         Sleep(2000)
         WinSetState($ProcMonWindowHandle, "", @SW_HIDE)

     WinActivate works, but WinSetState does not. WinClose and WinKill also don't work. Has anyone experienced this before and maybe has a solution for it?