Jump to content

Reason behind why compiled 32-bit .exe are AV flagged but not 64-bit


Recommended Posts

Hi AutoIT Masters,

Sorry again but Just want to know if you have any idea why the AutoIT scripts converted into 32-bit.exe files are being deleted by AV but not 64-bit.exe. If we raise it to the AV whitelisting, they come back saying it is false positive.

I disabled AV and everything goes well.

OS: Windows 10 - 64 bit

AV: Symantec

Thanks for the help.

AutoIT test.JPG

Edited by Melba23
Alterred thread title
Link to post
Share on other sites
6 hours ago, MarkIT said:

have any idea why the AutoIT scripts converted into 32-bit.exe files are being deleted by AV

Are you using UPX program compression?

#AutoIt3Wrapper_UseUpx=Y

 

Edited by TheXman
Link to post
Share on other sites

Signature beginning:
Please remember: "AutoIt"..... *  Wondering who uses AutoIt and what it can be used for ? * Forum Rules *
ADO.au3 UDF * POP3.au3 UDF * XML.au3 UDF * IE on Windows 11 for other useful stuff click the following button:

Spoiler

Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind. 

My contribution (my own projects): * Debenu Quick PDF Library - UDF * Debenu PDF Viewer SDK - UDF * Acrobat Reader - ActiveX Viewer * UDF for PDFCreator v1.x.x * XZip - UDF * AppCompatFlags UDF * CrowdinAPI UDF * _WinMergeCompare2Files() * _JavaExceptionAdd() * _IsBeta() * Writing DPI Awareness App - workaround * _AutoIt_RequiredVersion() * Chilkatsoft.au3 UDF * TeamViewer.au3 UDF * JavaManagement UDF * VIES over SOAP * WinSCP UDF * GHAPI UDF - modest begining - comunication with GitHub REST APIErrorLog.au3 UDF - A logging Library * Include Dependency Tree (Tool for analyzing script relations) *

My contribution to others projects or UDF based on  others projects: * _sql.au3 UDF  * POP3.au3 UDF *  RTF Printer - UDF * XML.au3 UDF * ADO.au3 UDF SMTP Mailer UDF * Dual Monitor resolution detection * * 2GUI on Dual Monitor System * _SciLexer.au3 UDF * SciTE - Lexer for console pane

Useful links: * Forum Rules * Forum etiquette *  Forum Information and FAQs * How to post code on the forum * AutoIt Online Documentation * AutoIt Online Beta Documentation * SciTE4AutoIt3 getting started * Convert text blocks to AutoIt code * Games made in Autoit * Programming related sites * Polish AutoIt Tutorial * DllCall Code Generator * 

Wiki: Expand your knowledge - AutoIt Wiki * Collection of User Defined Functions * How to use HelpFile * Good coding practices in AutoIt * 

OpenOffice/LibreOffice/XLS Related: WriterDemo.au3 * XLS/MDB from scratch with ADOX

IE Related:  * How to use IE.au3  UDF with  AutoIt v3.3.14.x * Why isn't Autoit able to click a Javascript Dialog? * Clicking javascript button with no ID * IE document >> save as MHT file * IETab Switcher (by LarsJ ) * HTML Entities * _IEquerySelectorAll() (by uncommon) * IE in TaskSchedulerIE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) * PDF Related:How to get reference to PDF object embeded in IE * IE on Windows 11

I encourage you to read: * Global Vars * Best Coding Practices * Please explain code used in Help file for several File functions * OOP-like approach in AutoIt * UDF-Spec Questions *  EXAMPLE: How To Catch ConsoleWrite() output to a file or to CMD *

I also encourage you to check awesome @trancexx code:  * Create COM objects from modules without any demand on user to register anything. * Another COM object registering stuffOnHungApp handlerAvoid "AutoIt Error" message box in unknown errors  * HTML editor

winhttp.au3 related : * https://www.autoitscript.com/forum/topic/206771-winhttpau3-download-problem-youre-speaking-plain-http-to-an-ssl-enabled-server-port/

"Homo sum; humani nil a me alienum puto" - Publius Terentius Afer
"Program are meant to be read by humans and only incidentally for computers and execute" - Donald Knuth, "The Art of Computer Programming"
:naughty:  :ranting:, be  :) and       \\//_.

Anticipating Errors :  "Any program that accepts data from a user must include code to validate that data before sending it to the data store. You cannot rely on the data store, ...., or even your programming language to notify you of problems. You must check every byte entered by your users, making sure that data is the correct type for its field and that required fields are not empty."

Signature last update: 2022-03-07

Link to post
Share on other sites
  • Moderators

MarkIT,

As I posted when closing your completely unnecessary (although I know you were pointed there) Trac ticket - it is nothing to do with an AutoIt bug. If Symantec already agree it is a false positive then ask them to change their algorithm to prevent it being flagged - that has worked for me with other AV providers in the past.

Thread locked.

M23

 

Public_Domain.png.2d871819fcb9957cf44f4514551a2935.png Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind

Open spoiler to see my UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By SonJoe
      Hi all,
      I have compiled a script to exe (using aut2exe) and delivered it to another machine, which does not have AutoIt installed. There, it does not run, but tells me that an undefined variable is used.
      I assume that the files referred to by #include are not embedded in the exe.
      How can I make sure the included files are available, when I deploy the exe to another machine?
      Thanks in advance for your helpful hints!
    • By Mobius
      Last updated 9/10/21

      Features
      Simple Integrated countermeasures against file and memory analysis based decompilers. Add basic types of resources into the interpreter or other types as raw data. Define multiple programs to execute pre and post build. Create and include pe version information. User defined patches that can be implemented globally on the interpreter and compiler or selectively. Handles its own basic macro's as well as environment variables in most fields for easier path finding. Drag and drop configs (script bound or separate) to the input edit box or to the icon to load them. Configuration settings can be copied to the clipboard or saved as config files or Au3 scripts. Settings can now be saved directly to an AutoIt3 script. Subsystem independant, can act as a gui or console tool. And much more. See next post for update information.
      A3C_97.16b.7z
      A3C_97.16b.7z A3C_98_18b.zip
    • By HenryJiu
      Hello!
      I have a question , about Mac and Autoit3.
      I want to convert my script to Mac App,but Aut2Exe just convert to EXE!
      So I asked if there was a way to convert scripts to MAC App
      My English isn't very good,so don't laugh please😃
    • By JoGa
      Greetings,
      here is a Autoit3 v3.3.14.5, 64 Bit installation on windows 10 with current updates.
      In a simple script I'm Dllcall'ing a 64 bit dll.
      # T1.au3 Local $name = "T1DLL.dll" if (FileExists($name)) Then ConsoleWrite("DLL '" &$name &"' exists" &@CRLF) EndIf Local $DLL = DllOpen($name) if (@ERROR OR $DLL = -1) then ConsoleWrite("DllOpen ERROR=" &@ERROR &" DLL=" &$DLL &@CRLF) Else ConsoleWrite("DllOpen Success" &@CRLF) endif DllCall($DLL, "none:cdecl", "SomeFunction", "str", "DLL Call from T1.au3") if (@ERROR) then ConsoleWrite("DllCall ERROR=" &@ERROR &" DLL=" &$DLL &@CRLF) Else ConsoleWrite("DllCall Success" &@CRLF) endif The C code contains one 64 bit OpenCV call:    cv::destroyAllWindows();.

      Excuting T1.au3 with SciTE gives:

      If the c code is compiled *without* the OpenCV call T1.au3 runs successful:
       
      I checked T1DLL.dll, it's definitely a 64 bit dll.
      What could cause the problem?
      Any hint would be very much appreciated.
      Thanks
      Wolf
       
       
       
       
    • By Prabuddha
      my .au3 file runs without any problems with SciTE editor. But when I compiled it to exe file, it is give me errors. below you can see my code and error with my AutoIt versions.
      How can I solve this?
      SciTE Version 4.1.0 autoIt script file name = gitversion.au3 complide exe file name = gitversion.exe  
      #RequireAdmin ;set mouse coordinates relative to window size by giving value 0 for second parameter AutoItSetOption('MouseCoordMode', 0) $System32Dir=@SystemDir $SystemDriveLetter=Stringleft($System32Dir,1) ;$SystemDriveLetter example is 'C' drive in the hard-disk (windows installed drive letter) ;msgbox(0,0,'System drive letter is: ' & $SystemDriveLetter) DirRemove($SystemDriveLetter & ":\GitTest\Git",1) DirCreate($SystemDriveLetter & ":\GitTest") Local $gitHere = $SystemDriveLetter & ":\GitTest" DirCreate($SystemDriveLetter & ":\JasperDesti") ; Disable user input from the mouse and keyboard. BlockInput(True) SplashTextOn("Installing","Please Wait..!", 200, 50) Run("cmd.exe") WinWaitActive("Administrator: " & $SystemDriveLetter & ":\WINDOWS\SYSTEM32\cmd.exe", "") $gitBashPath = $SystemDriveLetter & ":\Program Files\Git\bin\sh.exe" ControlSend("Administrator: " & $SystemDriveLetter & ":\WINDOWS\SYSTEM32\cmd.exe", "", "", '"' & $gitBashPath & '" --login') ;ControlSend("Administrator: C:\WINDOWS\SYSTEM32\cmd.exe", "", "", '"C:\Program Files\Git\bin\sh.exe" --login') Send("{Enter}") ControlSend("Administrator: " & $SystemDriveLetter & ":\WINDOWS\SYSTEM32\cmd.exe", "", "", 'cd ' & $gitHere) Send("{Enter}") ControlSend("Administrator: " & $SystemDriveLetter & ":\WINDOWS\SYSTEM32\cmd.exe", "", "", 'git clone https://mcmedisoft.visualstudio.com/Git/_git/Git && echo "cloned"') Send("{Enter}") Local $gitSignIn = WinWait('Sign in to your account', '', 6) $lowerSysDriveLetter = StringLower($SystemDriveLetter) ;$gitSignIn = 0 means sign in window didn't apper because user already signed in to bash. $gitSignIn != 0 means user hasn't signed in and should type passwords. If $gitSignIn == 0 Then ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "cd Git") Send("{Enter}") ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "git checkout WorkerEvent") Send("{Enter}") ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "exit") Send("{Enter}") ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "exit") Send("{Enter}") Else WinActivate('Sign in to your account') ;MouseClick('primary', 126, 338, 2, 0) SplashOff() ; Enable user input from the mouse and keyboard. BlockInput(False) WinWaitClose('Sign in to your account') ; Disable user input from the mouse and keyboard. BlockInput(True) SplashTextOn("Installing","Please Wait..!", 200, 50) ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "cd Git") Send("{Enter}") ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "git checkout WorkerEvent") Send("{Enter}") ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "exit") Send("{Enter}") ControlSend("MINGW64:/" & $lowerSysDriveLetter & "/GitTest", "", "", "exit") Send("{Enter}") ; Enable user input from the mouse and keyboard. BlockInput(False) WinWaitActive("Administrator: " & $SystemDriveLetter & ":\WINDOWS\SYSTEM32\cmd.exe", "", 4) ControlSend("Administrator: " & $SystemDriveLetter & ":\WINDOWS\SYSTEM32\cmd.exe", "", "", 'exit') Send("{Enter}") EndIf ; Enable user input from the mouse and keyboard. BlockInput(False) WinWaitClose("MINGW64:/" & $lowerSysDriveLetter & "/GitTest") DirRemove($SystemDriveLetter & ":\JasperDesti\tomcat", 1) ;$tomcatCreateSuccess = DirCreate($SystemDriveLetter & ":\JasperDesti\tomcat") ;DirCreate($SystemDriveLetter & ":\JasperDesti\tomcat") $sSourceFolder = $SystemDriveLetter & ":\GitTest\Git" $sDestFolder = $SystemDriveLetter & ":\JasperDesti\tomcat" _CopyFolder($sSourceFolder,$sDestFolder) SplashTextOn("Completed","Done..!", 200, 50) Sleep(1000) SplashOff ; _CopyFolder funchtion is use to copy a folder while displaying a progress bar func _CopyFolder($sSourceFolder,$sDestFolder) dirremove($sDestFolder,1) local $iSourceSize = DirGetSize($sSourceFolder), $iDestSize local $pid = Run(@AutoItExe & ' /AutoIt3ExecuteLine "DirCopy(''' & $sSourceFolder & ''', ''' & $sDestFolder & ''')"') ProgressOn("Copy Progress", "Please Wait...") Do $iDestSize = dirgetsize($sDestFolder) local $ipct = int(($iDestSize/$iSourceSize)*100) ProgressSet($ipct,$ipct & ' percent complete') sleep(20) Until not ProcessExists($pid) ProgressOff() endfunc  

×
×
  • Create New...