Jump to content

[Solved] Is there any New Info regarding the "Are my AutoIt EXEs really infected?" Topic?


Recommended Posts

Hi

After writing many scripts for my own personal use,

I am considering to write a program, that for the first time, is meant not just for my computer, but for the masses.

I will compile this program to EXE of course.

And this makes me wonder regarding the "Are my AutoIt EXEs really infected?" topic.

I am using ESET NOD32 Antivirus, and it does not recognize AutoIt EXEs as a Virus.

The above mentioned topic, is from 2006.

Are there any news regarding it?

Do we have some status regarding What Antiviruses recognize AutoIt EXEs as a Virus(today..)?

If not, can people here, who have different Antiviruses can post and tell what their Antivirus is aying regatrding AutoIt EXEs?

This will really help me.

Thank you very much

Zohar

Edited by Zohar
Link to post
Share on other sites

Search the forum, there's 100's of topics regarding this, no need to start another.

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to post
Share on other sites

Wow.

The situation is not bad at all.

I Covnerted an AutiIt script to an EXE,

and uploaded it to VirusTotal, and out of 42 Anriviruses, only 1 thinks an AutoIt EXE is a Virus:

Posted Image

Edit:

I also tried to Compile to EXE without the UPX Compression (using /nopack),

and the results are abit different:

Still 1 Antivirus thinks an AutoIt EXE is a Virus,

but this time it's another Antivirus - "The Hacker Antivirus":

Posted Image

Edited by Zohar
Link to post
Share on other sites

I've made a few programs, one of which has been downloaded more than 2,500 times, recently I decided to scan it on virus total, it was flagged 36 out of 40+ AVs which really pissed me off.

Edit: especially since the files does no more than just edit a few files.

Edited by ApudAngelorum
Link to post
Share on other sites

36 out of 40???

Completely insane :)

What function might have caused the alarms to go off?

Did you try to comment some blocks of code, in order to find via elimination, which function is the problematic one?

Link to post
Share on other sites

I really wouldn't be sure, I doubt it's any specific functions in it that caused that either.

When I had released the program, I submitted it to various AVs with source code so they wouldn't flag it, they said alright and I noticed the next day that 3 of those AVs stopped flagging it.

2 weeks later they and many others started flagging it so I just gave up.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...