Bluesmaster

Win32 API Constants why so much virus detections

8 posts in this topic

I discovered the tool "Win32 API Constants" from GaryFrost today, downloaded it and...

tada, Windows Defender (which never protected me from anything) deleted it immediately.

 


VirusTotal discovers an unusually big bundle of trojans and malware.

https://www.virustotal.com/de/file/e07b72f346035626d5ad7157e07c785db038ce681b545999534f4e2109e69d6e/analysis/1381385066/

 

I'm sure this is a wrong diagnosis. But why so hard, and why is no source shared?

regards


My UDF: [topic='156155']_shellExecuteHidden[/topic]




JohnOne,

The default in the Beta and next release is NOT to use upx - so you could well be the boss and not realise it! :D

M23


Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind.

My UDFs:

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 


That is weird. Maybe one should ask GaryFrost to recompile it.

regards


My UDF: [topic='156155']_shellExecuteHidden[/topic]


JohnOne,

The default in the Beta and next release is NOT to use upx - so you could well be the boss and not realise it! :D

M23

:) lol

I meant remove the option altogether though, I don't really see the point of it except to have files flagged constantly by the AV plonkers.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.


#8 ·  Posted (edited)

There is still some point to it, like if you want a quick script for an embedded system with limited space, but I know what you're saying. Disabled by default is definitely better, the file size isn't that big to start with and there's less false flagging. Makes things easier to share.

Maybe there's some other compression out there we could use instead? 

Edited by corgano

0x616e2069646561206973206c696b652061206d616e20776974686f7574206120626f64792c20746f206669676874206f6e6520697320746f206e657665722077696e2e2e2e2e
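Added example, not part of any post in this thread and not AutoIt's own tooling: a quick way to see whether a flagged executable was compressed with stock UPX, the trait the posters above blame for the false positives. It reads the PE section table and reports the UPX0/UPX1 section names and any section that reserves memory but stores nothing on disk. The function names and the header-only sample bytes are constructed for illustration.

```python
import struct
import sys

def pe_sections(data: bytes):
    """Return [(name, virtual_size, raw_size)] from a PE file's section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    try:
        # COFF header: Machine, NumberOfSections, 3 dwords, SizeOfOptionalHeader, flags
        _, count, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
        table = pe_off + 24 + opt_size                        # section table offset
        rows = [struct.unpack_from("<8sIII", data, table + 40 * i) for i in range(count)]
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    return [(n.rstrip(b"\0").decode("latin-1"), vsize, rsize) for n, vsize, _, rsize in rows]

def upx_report(data: bytes) -> dict:
    """Summarise the packer traits of stock UPX output."""
    sections = pe_sections(data)
    names = [n for n, _, _ in sections]
    return {
        "sections": names,
        # Unmodified UPX names its sections UPX0/UPX1 (plus .rsrc if resources exist).
        "upx_names": {"UPX0", "UPX1"} <= set(names),
        # UPX0 is the unpack target: memory reserved, nothing stored on disk.
        "empty_on_disk": [n for n, vsize, rsize in sections if rsize == 0 and vsize > 0],
    }

def sample_header(names):
    """Constructed header-only stub for the demo; contains no code and cannot run."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, 0, 0x102)
    rows = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode(), 0x1000, 0x1000 * (i + 1),
                    0 if n == "UPX0" else 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
        for i, n in enumerate(names))
    return dos + b"PE\0\0" + coff + rows

if __name__ == "__main__":
    if len(sys.argv) > 1:                  # report on a file given on the command line
        with open(sys.argv[1], "rb") as fh:
            print(upx_report(fh.read()))
    else:                                  # otherwise run on the constructed samples
        print(upx_report(sample_header(["UPX0", "UPX1", ".rsrc"])))
        print(upx_report(sample_header([".text", ".data", ".rsrc"])))
```

A hit only identifies unmodified UPX output; it says nothing about whether the program inside is benign, and a file with renamed sections will not match.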
