DaLiMan

my EXE has a Trojan:Win32/Fuerboos.B!cl ???


DaLiMan

Hi,

Today I got a message that my exe file is a trojan [Trojan:Win32/Fuerboos.B!cl] and is very dangerous?!

Now of course this is not the case, but MS Defender thinks otherwise.
Can I re-code my source somehow, or does this have to do with the AutoIt compiler?

Sourcecode is below:

 

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_Icon=BMP\Meso.ico
#AutoIt3Wrapper_Res_Comment=Open MesoBoek.accdb boekhouding.
#AutoIt3Wrapper_Res_Description=MesoBoek
#AutoIt3Wrapper_Res_Fileversion=0.1.0.5
#AutoIt3Wrapper_Res_Fileversion_AutoIncrement=p
#AutoIt3Wrapper_Res_LegalCopyright=Mirjam Lith Mesologie
#AutoIt3Wrapper_Res_Language=1043
://////=__=
#AutoIt3Wrapper_Run_Tidy=y
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

;================================================= #INCLUDE settings ========================================================
#include <ColorConstants.au3>
#include <FileConstants.au3>
#include <GUIConstantsEx.au3>
#include <InetConstants.au3>
#include <Misc.au3>
#include <MsgBoxConstants.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>

;============================================== Option settings and variables ================================================
; ESC is registered through HotKeySet, so AutoIt captures the key while this launcher is
; running and calls _ExitNow() instead of passing the key-press to the active application.
HotKeySet("{ESC}", "_ExitNow")

; The two image resources are embedded at compile time and written next to the executable
; at run time; $FC_NOOVERWRITE (the default) leaves files that already exist untouched.
FileInstall(".\BMP\Meso_met.jpg", @ScriptDir & "\Meso_met.jpg", $FC_NOOVERWRITE)
FileInstall("Meso.ico", @ScriptDir & "\Meso.ico", $FC_NOOVERWRITE)

; Update endpoints and their local counterparts.
; NOTE(review): both URLs use plain HTTP and the downloaded .accdb is later opened with
; ShellExecute, so nothing on this page authenticates the file that ends up being opened.
; Serving the files over HTTPS and checking a published hash before replacing the local
; copy would close that gap.
Global $url = "http://www.mirjamlithmesologie.nl/MB/version.mb"
Global $urlDB = "http://www.mirjamlithmesologie.nl/MB/MesoBoek.accdb"
Global $curVer = @ScriptDir & "\version.mb"
Global $NewDB = @ScriptDir & "\MesoBoek.accdb"

; Launcher state: PID of the started application and the window title used to detect a
; second instance.
Global $iPID
Global $Name = "MesoBoek"
Global $DoubleRunChk = $Name & "!"

; Data and backup locations; filled in from the settings table further down.
Global $sDBlokatie, $sDBbupLokatie
;~ Local $sDBnaam = "MesoBoek_be"
;~ Local $sDBextentie = ".accdb"
;~ Global $oErrorHandler = ObjEvent("AutoIt.Error", "_ErrFunc")

; Settings database and the query that reads every row of its settings table.
Global $DBdata = @ScriptDir & "\Data\MesoBoek_db.accdb"
Global $tblname = "tblDBgegevens"
Global $query = "SELECT * FROM " & $tblname

; Windows Shell COM object; in the code shown here it is only written to the console.
Global $oShell = ObjCreate("shell.application")
ConsoleWrite("oShell=" & $oShell & @CRLF)

; ===================================== Make sure the program is not started twice ==========================================
; An earlier instance is recognised by the title of its AutoIt window; that window is closed
; before this instance takes over the same title.
If WinExists($DoubleRunChk) Then WinClose(WinGetHandle($DoubleRunChk))
AutoItWinSetTitle($DoubleRunChk)

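;======================================================= Check data availability ========================================================
; Reads the data and backup locations from the settings table. The lookup is best effort:
; when the COM objects cannot be created, the connection or recordset does not open, or the
; table is empty, the defaults below are used and the FileExists() check decides whether the
; launcher can continue.

$adoCon = ObjCreate("ADODB.Connection")
ConsoleWrite("adocon=" & $adoCon & @CRLF)
;~ $adoCon.Open("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\Documents\Boekhouding\Data\MesoBoek_db.accdb;User Id=;Password=;")
If IsObj($adoCon) Then
    $adoCon.Open("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" & $DBdata & ";User Id=;Password=;")

    ; State = 1 is ADO's adStateOpen; anything else means there is nothing to query.
    If $adoCon.State = 1 Then
        $adoRs = ObjCreate("ADODB.Recordset")
        If IsObj($adoRs) Then
            $adoRs.CursorType = 1
            $adoRs.LockType = 3
            $adoRs.Open($query, $adoCon)

            If $adoRs.State = 1 Then
                ; Reading Fields() on an empty recordset raises a COM error, so check EOF first.
                If Not $adoRs.EOF Then
                    $sDBlokatie = $adoRs.Fields("DBlokatie").value ; retrieve value by field name
                    $sDBbupLokatie = $adoRs.Fields("BupLokatie").value ; retrieve value by field name
                EndIf
                $adoRs.Close ; the original left the recordset open
            EndIf
        EndIf
        $adoCon.Close
    EndIf
EndIf

; Fall back to the folders next to the executable when no location was configured.
; NOTE(review): the comparison with the Null keyword is kept from the original; confirm it
; matches what ADO hands back for an empty field. The "" test covers the case where the
; table could not be read at all.
If $sDBlokatie = Null Or $sDBlokatie = "" Then $sDBlokatie = @ScriptDir & "\Data"
If $sDBbupLokatie = Null Or $sDBbupLokatie = "" Then $sDBbupLokatie = @ScriptDir & "\Data\BackUp"

If FileExists($sDBlokatie) = 0 Then
    MsgBox(64, $Name & " - Foutmelding", "De DataBase verbinding op onderstaande lokatie is niet beschikbaar, herstel de vebinding en probeer opnieuw." & @CRLF & @CRLF & $sDBlokatie)
    Exit
EndIf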

;====================================================== GUI settings ==========================================================
#Region ### START Koda GUI section ### Form=
; Borderless, always-on-top splash window with a white background.
$Form1 = GUICreate("Form1", 508, 247, 192, 124, BitOR($WS_BORDER, $WS_POPUP), BitOR($WS_EX_TOPMOST, $WS_EX_TOOLWINDOW))
GUISetBkColor(0xFFFFFF, $Form1)

; Logo, credit line and title. Controls are addressed by their own handle rather than -1.
$Pic1 = GUICtrlCreatePic(@ScriptDir & "\Meso_met.jpg", 24, 16, 73, 89)
$Label1 = GUICtrlCreateLabel("MesoBoek - Daniel Lith - 2016", 360, 224, 147, 17)
$Label2 = GUICtrlCreateLabel("MesoBoek", 136, 32, 268, 69)
GUICtrlSetFont($Label2, 42, 400, 0, "Arial")

; Status text shown above the progress bar.
$Label3 = GUICtrlCreateLabel("", 28, 144, 460, 17)

; Update buttons stay hidden until _VersieControle() finds a newer version.
$btnUpdate = GUICtrlCreateButton("Update", 384, 184, 89, 25)
GUICtrlSetState($btnUpdate, $GUI_HIDE)
$btnNoUpdate = GUICtrlCreateButton("Nu niet", 280, 184, 89, 25)
GUICtrlSetState($btnNoUpdate, $GUI_HIDE)

; The progress bar is a green label whose width _Progressor() changes.
$Progress = GUICtrlCreateLabel("", 24, 164, 5, 17)
GUICtrlSetBkColor($Progress, 0x17D81B)

GUISetState(@SW_SHOW, $Form1)
#EndRegion ### END Koda GUI section ###

;======================================================= RUN program ========================================================


; The GUI queue is polled exactly once: a close event ends the launcher straight away, any
; other value (including "no message") runs the start-up sequence. Both paths end in Exit,
; so no loop is needed.
$nMsg = GUIGetMsg()
If $nMsg <> $GUI_EVENT_CLOSE Then
    _VersieControle() ; offer an update when the server has a newer version
    Sleep(1000)
    _Startup() ; open the database
    Sleep(2000)
    _Progressor(460, "Klaar.")
    Sleep(300)
EndIf
Exit


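; Compares the local version file with the one on the server and, when the server is newer
; and the user presses "Update", downloads the new database and version file.
;
; Changes compared with the earlier implementation:
;   - versions are compared with _VersionCompare() instead of the string operator "<",
;     which ranks "0.1.0.10" below "0.1.0.9";
;   - whitespace is stripped from the local version as well as the online one;
;   - the InetRead option no longer contains $INET_IGNORESSL (the old literal 19 was
;     force reload + ignore SSL errors + force bypass), so certificate errors are not
;     ignored if the URL is ever moved to HTTPS;
;   - each file is downloaded to a temporary name and only replaces the existing file after
;     the transfer reported success, and the version file is updated only after the
;     database has been replaced.
;
; NOTE(review): the downloaded database is still not authenticated. With an http:// URL its
; content can be altered in transit, and _Startup() opens it afterwards. Prefer HTTPS plus a
; hash or signature check before the temporary file replaces the live one.
Func _VersieControle()
    _Progressor(50, "Verbinding maken met server.")
    Local $sCurVersie = StringRegExpReplace(FileRead($curVer), '\s', "")

    ; Read the version straight into memory, bypassing the local cache.
    Local $dData = InetRead($url, BitOR($INET_FORCERELOAD, $INET_FORCEBYPASS))
    ; Convert the binary data to a string and drop all whitespace.
    Local $sOnlineVersie = StringRegExpReplace(BinaryToString($dData), '\s', "")

    If $sOnlineVersie = "" Then
        _Progressor(280, "Kan geen verbinding met server maken.")
        Return
    EndIf

    ; A missing or empty local version file counts as "older than anything online".
    If $sCurVersie <> "" And _VersionCompare($sCurVersie, $sOnlineVersie) >= 0 Then
        _Progressor(280, "U heeft de laatste versie.")
        Return
    EndIf

    GUICtrlSetState($btnUpdate, $GUI_SHOW)
    GUICtrlSetState($btnNoUpdate, $GUI_SHOW)
    _Progressor(100, "Nieuwe versie [v." & $sOnlineVersie & "] beschikbaar. Nu updaten?")

    ; Wait until the user picks one of the two buttons.
    While 1
        Switch GUIGetMsg()
            Case $btnNoUpdate
                _Progressor(250, "Verder zonder updaten.")
                ExitLoop
            Case $btnUpdate
                _Progressor(250, "Downloaden nieuwe versie")
                If _VersieControle_Download($urlDB, $NewDB) Then
                    ; The version file is kept hidden; lift the attribute while replacing it.
                    FileSetAttrib($curVer, "-H")
                    _VersieControle_Download($url, $curVer)
                    FileSetAttrib($curVer, "+H")
                Else
                    _Progressor(250, "Downloaden mislukt, verder met de huidige versie.")
                EndIf
                ExitLoop
        EndSwitch
    WEnd
EndFunc   ;==>_VersieControle

; Downloads $sUrl to a temporary file next to $sDoel and moves it over $sDoel only when the
; transfer reported success. Returns True when $sDoel was replaced, False otherwise; the
; temporary file is removed on failure.
Func _VersieControle_Download(Const $sUrl, Const $sDoel)
    Local Const $sTmp = $sDoel & ".download"
    Local $hGet = InetGet($sUrl, $sTmp, $INET_FORCERELOAD, $INET_DOWNLOADBACKGROUND)

    Do
        Sleep(250)
    Until InetGetInfo($hGet, $INET_DOWNLOADCOMPLETE)

    ; "Complete" is also reported for a failed transfer, so ask for the result explicitly.
    Local $bOk = InetGetInfo($hGet, $INET_DOWNLOADSUCCESS)
    InetClose($hGet)

    If $bOk Then $bOk = (FileMove($sTmp, $sDoel, $FC_OVERWRITE) = 1)
    If Not $bOk Then FileDelete($sTmp)
    Return $bOk
EndFunc   ;==>_VersieControle_Download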


; Opens MesoBoek.accdb from the script directory with its associated application and stores
; the value returned by ShellExecute in the global $iPID.
; NOTE(review): this is the same file the updater replaces from the network, so what gets
; opened here is only as trustworthy as that download.
Func _Startup()
    Local Const $sDatabase = @ScriptDir & "\MesoBoek.accdb"
    _Progressor(380, "Bezig met opstarten MesoBoek")
    $iPID = ShellExecute($sDatabase)
    ConsoleWrite("PID: " & $iPID & @LF)
EndFunc   ;==>_Startup


; Updates the splash screen: resizes the green progress label to $procent pixels wide and
; shows $dText in the status label.
Func _Progressor(Const $procent, Const $dText)
    Local Const $iLeft = 24, $iTop = 164 ; fixed position of the progress label
    GUICtrlSetPos($Progress, $iLeft, $iTop, $procent)
    GUICtrlSetData($Label3, $dText)
EndFunc   ;==>_Progressor

; Hotkey handler for ESC (registered with HotKeySet): ends the launcher with exit code 0.
Func _ExitNow()
    Exit 0
EndFunc   ;==>_ExitNow

 
