Compiling A Virus ?

[Technomancer]

I've taken a quick look at some of the relevant replies, (they've all got some merit), so here's the situation so far:

I'm using AutoIT v 3.3.6.1 on Windows 7 Home Premium.

I have tried changing the script slightly, changing where the file in my script is being written to from a system folder to my user folder and AVG doesn't flag it. When i try changing it back it gets flagged.

Do you think that AVG somehow objects to compiled scripts that write files to system folders?.

[bogQ]

Probably

I suggest you to read this

Top Free Antivirus: Avast

Avast Free Antivirus couples good all-around malware detection with a speedy, well-designed package. We liked its easy installation process, smooth interface design, and minimal impact on system performance.

In traditional signature-based malware tests, Avast Free Antivirus detected 94.8 percent of samples, which is neither particularly good nor bad. It also did a decent, though not outstanding, job at detecting malware in our real-world malware detection tests: It completely blocked 76 percent of attacks (which is right about average), and partially blocked 4 percent of attacks.

But on the plus side, Avast Free Antivirus didn't falsely identify a single "safe" file as a piece of malware, the only free product we looked at that achieved this. Avast Free Antivirus also did a good job at disinfecting a PC; it removed all active components of malware infections 80 percent of the time, which set the pace among the free products we looked at.

reference

http://www.pcworld.com/article/170587/can_you_trust_free_antivirus_software.html

http://www.pcworld.com/article/210589/free_vs_fee_free_and_paid_antivirus_programs_compared.html

http://av-test.org/

Edit,

i wonder if anyone here will complain about false positiv on avast, if mods on this forum trust the words that they wrote about avast on this article, the only thing to do when someone post that avast done falshe positiv is to ban OP ass for creating malware , they dont even need to look at the code

Edited May 25, 2011 by bogQ

[Zedna]

I have tried changing the script slightly, changing where the file in my script is being written to from a system folder to my user folder and AVG doesn't flag it. When i try changing it back it gets flagged.

Do you think that AVG somehow objects to compiled scripts that write files to system folders?.

Read my post on previous page.

[kaotkbliss]

I've added the file to the exclude, the path to the file as well as the whole drive itself (after much frustration). However, AVG will still sometimes ignore the excludes and quarantine them anyway. Looks like I'll be switching AVs soon.

[PowerCat]

Get a real antivirus and be done with it

http://www.microsoft.com/security_essentials/

[Shaarad]

I use quick heal and I never got a false positive alarm yet !!

[Chimaera]

Read my post on previous page.

didnt work for me m8 i excluded the folder all the exes and it still blocked everytime i went to compile

Get a real antivirus and be done with it

http://www.microsoft.com/security_essentials/

Yeah right... the day i install that ill be boxing my pc up and sending it to the tip

on a different note i install avg many times a day at work as its better to give the customers something than leave them unprotected, there is nothing wrong with it, just dosent work for me with autoit.

Ive not had a single alert since i moved to avast free

Chimaera

[Technomancer]

Well.

I tried all sorts of stuff and it seems that reading files in system folders is OK, but every time i try and create files or folder or edit files that's when AVG 'gets' my compiled scripts.

Running the script from SCITE is fine. I'm not sure if i can do something with the AVG settings like ignore specific files but ....

[kaotkbliss]

You can, but AVG doesn't always listen. I still have to keep going into the virus vault and restore my compiled scripts. And they don't have a report false positive feature anymore it's automatic so no telling if they are looking into your autoit files to see if they really are viruses or not.

[Technomancer]

I think that I might send a copy of my compiled script to AVG and see if they can do something about detection.

In the meanwhile i'll just avoid writing to system folders.

Thanks for all the ideas though.