lionfaggot Posted February 24, 2011 Share Posted February 24, 2011 (edited) i compiled an exe with sleep(100) in it - the exes dont get detected by heuristics but rather ridiculous runtime scans. at this point its just pissing me off, google online sandbox and scan any autoit exe. says it edits registry at runtime. all ye autoit coders join me, let us smite this idiocy with prejudice default permit can lick my ass. what i dont get is why runtime scans dont just prevent programs from adding themselves to autostart. that'd pretty much end the malware problem. instead they blacklist entire methods of registry writing, regardless of how harmful it is. it's time that us coders getting fucked over step up to the plate you guys can say whatever you like about it, i'm fed up with the antivirus industry, theyre all a bunch of thieves, and they hurt legiotamate coders with their hairbrained schemes. so whoever wants to see autoit live on, help me out. if i have some support im sure we can stick it to these fuckers Edited February 24, 2011 by lionfaggot Link to comment Share on other sites More sharing options...
lionfaggot Posted February 24, 2011 Author Share Posted February 24, 2011 http://anubis.iseclab.org/ this site as an example, a runtime scan detects an exe by what it does at runtime by putting it in a test sandbox first. its gotten so bad that i cant possibly expect any of my programs to have a userbase Link to comment Share on other sites More sharing options...
trancexx Posted February 24, 2011 Share Posted February 24, 2011 Now say that you are in love with Dulcinea. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
lionfaggot Posted February 24, 2011 Author Share Posted February 24, 2011 this is very important to the survival of autoit, i dont know what else to do than request as many people as possible bitch about it. what else can we do? Link to comment Share on other sites More sharing options...
guinness Posted February 24, 2011 Share Posted February 24, 2011 what else can we do?Have a good reputation as a program designer so users will understand from time to time there will be a False Positive of your application. I would also like to reference the story about "The Wind and the Sun", the moral of this story is poignant to why your proposal won't work!this is very important to the survival of autoitYou mean users posting code which is not only relevant to todays standards but doesn't break the EULA/Rules/Law/Morals etc... I quite a agree Note: Maybe this should have been discussed in "Chat"? UDF List: _AdapterConnections() • _AlwaysRun() • _AppMon() • _AppMonEx() • _ArrayFilter/_ArrayReduce • _BinaryBin() • _CheckMsgBox() • _CmdLineRaw() • _ContextMenu() • _ConvertLHWebColor()/_ConvertSHWebColor() • _DesktopDimensions() • _DisplayPassword() • _DotNet_Load()/_DotNet_Unload() • _Fibonacci() • _FileCompare() • _FileCompareContents() • _FileNameByHandle() • _FilePrefix/SRE() • _FindInFile() • _GetBackgroundColor()/_SetBackgroundColor() • _GetConrolID() • _GetCtrlClass() • _GetDirectoryFormat() • _GetDriveMediaType() • _GetFilename()/_GetFilenameExt() • _GetHardwareID() • _GetIP() • _GetIP_Country() • _GetOSLanguage() • _GetSavedSource() • _GetStringSize() • _GetSystemPaths() • _GetURLImage() • _GIFImage() • _GoogleWeather() • _GUICtrlCreateGroup() • _GUICtrlListBox_CreateArray() • _GUICtrlListView_CreateArray() • _GUICtrlListView_SaveCSV() • _GUICtrlListView_SaveHTML() • _GUICtrlListView_SaveTxt() • _GUICtrlListView_SaveXML() • _GUICtrlMenu_Recent() • _GUICtrlMenu_SetItemImage() • _GUICtrlTreeView_CreateArray() • _GUIDisable() • _GUIImageList_SetIconFromHandle() • _GUIRegisterMsg() • _GUISetIcon() • _Icon_Clear()/_Icon_Set() • _IdleTime() • _InetGet() • _InetGetGUI() • _InetGetProgress() • _IPDetails() • _IsFileOlder() • _IsGUID() • _IsHex() • _IsPalindrome() • _IsRegKey() • _IsStringRegExp() • _IsSystemDrive() • _IsUPX() • _IsValidType() • _IsWebColor() • _Language() • _Log() • _MicrosoftInternetConnectivity() • _MSDNDataType() • _PathFull/GetRelative/Split() • _PathSplitEx() • _PrintFromArray() • _ProgressSetMarquee() • _ReDim() • _RockPaperScissors()/_RockPaperScissorsLizardSpock() • _ScrollingCredits • _SelfDelete() • _SelfRename() • _SelfUpdate() • _SendTo() • _ShellAll() • _ShellFile() • _ShellFolder() • _SingletonHWID() • _SingletonPID() • _Startup() • _StringCompact() • _StringIsValid() • _StringRegExpMetaCharacters() • _StringReplaceWholeWord() • _StringStripChars() • _Temperature() • _TrialPeriod() • _UKToUSDate()/_USToUKDate() • _WinAPI_Create_CTL_CODE() • _WinAPI_CreateGUID() • _WMIDateStringToDate()/_DateToWMIDateString() • Au3 script parsing • AutoIt Search • AutoIt3 Portable • AutoIt3WrapperToPragma • AutoItWinGetTitle()/AutoItWinSetTitle() • Coding • DirToHTML5 • FileInstallr • FileReadLastChars() • GeoIP database • GUI - Only Close Button • GUI Examples • GUICtrlDeleteImage() • GUICtrlGetBkColor() • GUICtrlGetStyle() • GUIEvents • GUIGetBkColor() • Int_Parse() & Int_TryParse() • IsISBN() • LockFile() • Mapping CtrlIDs • OOP in AutoIt • ParseHeadersToSciTE() • PasswordValid • PasteBin • Posts Per Day • PreExpand • Protect Globals • Queue() • Resource Update • ResourcesEx • SciTE Jump • Settings INI • SHELLHOOK • Shunting-Yard • Signature Creator • Stack() • Stopwatch() • StringAddLF()/StringStripLF() • StringEOLToCRLF() • VSCROLL • WM_COPYDATA • More Examples... Updated: 22/04/2018 Link to comment Share on other sites More sharing options...
lionfaggot Posted February 24, 2011 Author Share Posted February 24, 2011 i dont think you understand, all autoit exes are detected at runtime. did you even try what i suggested? just an exe with sleep(100) in it. it annoys me that you havent tried an online sandbox scan yet claim to think you know what im talking about Link to comment Share on other sites More sharing options...
lionfaggot Posted February 24, 2011 Author Share Posted February 24, 2011 ill make this very simple, a runtime scan is not based on the hash pattern of an executable before it is run, a runtime scan detects what an exe does at runtime as malaicious or not, apparently all autoit exes edit some registry valuue regardless of whether or not there is even a regwrite call in your exe. this is an important matter and no one seems to care that the entire language of autoit is on the brink of destruction right now. so its whatever, the internet is just like the real world, everyone is so damn apathetic. i guess ill have to find another language to use if no one will help me Link to comment Share on other sites More sharing options...
Moderators Melba23 Posted February 24, 2011 Moderators Share Posted February 24, 2011 lionfaggot,Do you think you are the first to become annoyed by having your compiled scripts flagged by AV software. Just relax - from experience if you let the companies know they remove the definiton that causes the false detection pretty smartly. Well, at least until the next time. What guinness was trying to point out was that unfortunately the ease of coding in AutoIt means that a lot of "script kiddies" produce unpleasant code with it and cause problems. The AV companies tend to go for the easy option of looking for the AutoIt or upx stub rather than the script section itself. It is a problem we have to live with - and one which many of us have lived with for much longer than you (hint: look at the joining dates ). Suggesting that "this is very important to the survival of autoit" is hyperbole of the worst sort.So calm down, oh, and please stop swearing. M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area Link to comment Share on other sites More sharing options...
Developers Jos Posted February 24, 2011 Developers Share Posted February 24, 2011 ill make this very simple, a runtime scan is not based on the hash pattern of an executable before it is run, a runtime scan detects what an exe does at runtime as malaicious or not, apparently all autoit exes edit some registry valuue regardless of whether or not there is even a regwrite call in your exe. this is an important matter and no one seems to care that the entire language of autoit is on the brink of destruction right now. so its whatever, the internet is just like the real world, everyone is so damn apathetic. i guess ill have to find another language to use if no one will help meAre you seriously wondering, after reading your own posts, why nobody is taking you serious?When you want to address something like this and expect a serious answer, then consider getting of your high horse and start writing a clear definition of your issue in stead of this "lick my ass" bull shit.Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
lionfaggot Posted February 24, 2011 Author Share Posted February 24, 2011 jos scan any autoit exe on any online sandbox, why wont anyone try that? im not blowing smoke out my ass. all autoit exes are detected by antivirus runtime scans, and no one gives a fuck. google it jos "online sandbox" scan any of your autoit exes in a few of them. all are detected. so insult me as you see fit, but i know what i am talking about. do it Jos, i challenge you to scan any autoit exe on a few online sandboxes. you will see what i mean. Link to comment Share on other sites More sharing options...
Developers Jos Posted February 24, 2011 Developers Share Posted February 24, 2011 (edited) jos scan any autoit exe on any online sandbox, why wont anyone try that? im not blowing smoke out my ass. all autoit exes are detected by antivirus runtime scans, and no one gives a fuck. google it jos "online sandbox" scan any of your autoit exes in a few of them. all are detected. so insult me as you see fit, but i know what i am talking about. do it Jos, i challenge you to scan any autoit exe on a few online sandboxes. you will see what i mean.I am done with you since you didn't take the opportunity to post a NORMAL reply and insist on your stupid approach to make your point. Edited February 24, 2011 by Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
Recommended Posts