Au3toCmd -- Avoid false virus positives. (Version: 2022.09.01)

[Skysnake]

Your better AV products handle AutoIt very well. The cheaper / free stuff, like McAfee, Avast, Avira and some others all go nuts when they see AutoIt. Personally I use and recommend ESET NOD32.

 

[ptru]

Hmm I don't get it...

This doesn't seem to work at all.

 

I am using Windows 10 Pro x64 and trying to pack a simple Hello World script fails.

I should see a MessageBox but instead a cmd window pops up and quickly disappears.

When I try to run the file inside a standalone cmd.exe window, it crashes...

 

#include <File.au3>
#include <FileConstants.au3>
#include <InetConstants.au3>
#include <MsgBoxConstants.au3>
#include <TrayConstants.au3>
#include <WinAPIFiles.au3>

MsgBox($MB_SYSTEMMODAL, "Hello World", "Hello World")

 

[Skysnake]

MsgBox(0, "Hello World", "Hello World")

Why the $systemmodal?

And I think you are in the wrong thread

[argumentum]

If Not @Compiled Then
    ; this is simpler and will work fine with portable setups
    $sA3Dir = StringLeft(@AutoItExe, StringInStr(@AutoItExe, '\', 0, -1)-1)
    If $beta Then $sA3Dir &= "\Beta"
    $sA3Ver = StringReplace(FileGetVersion($sA3Dir & "\autoit3.exe"), ",", ".")
Else
    $sA3Dir = RegRead("HKLM\SOFTWARE" & ((@OSArch = 'X64') ? "\Wow6432Node" : "") & "\AutoIt v3\AutoIt", ($beta ? "beta" : "") & "InstallDir")
    $sA3Ver = RegRead("HKLM\SOFTWARE" & ((@OSArch = 'X64') ? "\Wow6432Node" : "") & "\AutoIt v3\AutoIt", ($beta ? "beta" : "") & "Version")
EndIf

.. I think that the above is better. Food for thought.

Edit: Fixed the "$beta" part I did not considered when posting.

Edited March 8, 2023 by argumentum
oops

[argumentum]

On 2/19/2023 at 10:28 AM, ptru said:

doesn't seem to work

True, is not working for me either. My other post above fits my needs but testing the output ( the *.cmd ) it don't work.
When @Exit comes back I'm sure it'll be fixed.

[moldevort]

A friend of mine still has trouble opening the AutoIt-Script. He was try download a file containing the exe and the cmd - both blocked by Windows/Browser. Is there any way to reduce the risk of the file being flagged as false positive even further? (exe gets flagged by 14/70 and cmd by 5/59 according to VirusTotal)

[Musashi]

4 hours ago, moldevort said:

Is there any way to reduce the risk of the file being flagged as false positive even further?

This question has already been asked many times.

You will find answers in the thread  : https://www.autoitscript.com/forum/topic/209561-are-my-autoit-exes-really-infected/

 

[moldevort]

On 4/20/2023 at 7:43 AM, Musashi said:

This question has already been asked many times.

You will find answers in the thread  : https://www.autoitscript.com/forum/topic/209561-are-my-autoit-exes-really-infected/

 

Thank you for the link. However, this doesn't answer my question - windows itself seems to block the file and I am not willing to upload my file to various antivirus sites whenever I want to change a tiny bit of a code.

I am looking for a workaround

Edited April 22, 2023 by moldevort

[Musashi]

1 hour ago, moldevort said:

Thank you for the link. However, this doesn't answer my question - windows itself seems to block the file and I am not willing to upload my file to various antivirus sites whenever I want to change a tiny bit of a code.
I am looking for a workaround

I suspect, you didn't read the thread in its entirety .

Uploading the file to various antivirus vendors and/or Microsoft is just one way to get whitelisted. This can be an annoying procedure, as you have already written, because firstly you have to wait for the clearance, and secondly the process may have to be redone when changes are made in the code.

 

1. If you want to compile your program as an .exe file (and distribute it to other users), the following instructions may be helpful :

#AutoIt3Wrapper_UseX64 = Y
#AutoIt3Wrapper_UseUpx = N

2. My preferred approach is to compile a script as .a3x. 

#AutoIt3Wrapper_OutFile_Type=a3x ; exe/a3x

Take a look at : comment=1472906

 

[moldevort]

On 4/22/2023 at 8:03 AM, Musashi said:

1. If you want to compile your program as an .exe file (and distribute it to other users), the following instructions may be helpful :

#AutoIt3Wrapper_UseX64 = Y
#AutoIt3Wrapper_UseUpx = N

2. My preferred approach is to compile a script as .a3x. 

#AutoIt3Wrapper_OutFile_Type=a3x ; exe/a3x

Take a look at : comment=1472906

 

Thank you for this addition; I already tested disabling UPX, still flagged and making my friends install autoit beforehands is not an option. I will try using the x64 approach

[Musashi]

7 hours ago, moldevort said:

... and making my friends install autoit beforehands is not an option

Info : It is not mandatory to perform a full AutoIt installation on a third party machine to execute .a3x scripts.

It is sufficient, to provide the AutoIt interpreter (i.e. AutoIt3.exe or Au3Info_x64.exe) as standalone files. 

Example :

• Compile your script as .a3x
• Copy the AutoIt interpreter and the a3x.script into a directory of your choice
• Start the script via a .cmd file, via a desktop shortcut or with the respective Execute command from another programming language.  

For this example, we assume that the interpreter and the script are located in the same directory. Otherwise, full path specifications must be given.

@echo off
CLS
cd %~dp0
AutoIt3.exe "my_script.a3x"

An optional passing of command line parameters to the script is supported.

[erix]

Hi, 

I'm very interested in this project because I often have the problem of false positives when I send my exe files to other people.

However, I can't get it to work. I must be doing it wrong.

Here's how I do it:

- I place the Au3toCmd.au3 file in the same folder as my script.
- I open the Au3toCmd.au3 file with Scite.
- I run the Au3toCmd.au3 file with Scite.
- The script asks me to select an au3 file. I select my script.
- It works a little and I get a message telling me that a cmd file has been created in my script folder and that a shortcut has been created on the desktop.

By the way, it still says: X64 Mode=No even if I set #AutoIt3Wrapper_UseX64=Y or 1.

I double-click on the shortcut or CMD file and a command prompt opens briefly and closes again, but my application is not executed.

Nor have I found any other zip or other files as indicated in previous messages.

What am I forgetting to do or doing wrong?

Thanks

[erix]

@Exit No idea what I'm doing wrong?

Thanks

Eric

[argumentum]

14 minutes ago, erix said:

@Exit 

He hasn't come to the forum since 2022 so an answer from him is very unlikely.

In any case, might as well pack these files in Inno setup and use that.
If you need some help with that, take a look at https://www.autoitscript.com/forum/topic/204027-suggestion-for-aut2exe-an-option-with-which-the-script-can-be-embedded-unencrypted/?do=findComment&comment=1466359

If you insist in using a cmd file, search the net for certutil -decode. It's a rather simple concept if you can write batch files.

[erix]

Hi @argumentum

Thanks for the links and tips.

I tried inno setup and it works, but I still can't get the same thing as with the exe file.

I have two icon problems.

From what I understand, you still need a CMD file that indicates that you need to run the AutoIt3.exe or AutoiIt3_64.exe file and the A3X file.

When building the installation file, the executable must be the CMD file, and if you ask to create a link on the desktop, the link points to the CMD file with the icon of this file (which apparently cannot be changed). The user ends up with a gear icon, but not the application icon. It is possible to change the desktop shortcut icon, but this is a manual operation.

Another problem is that A3X files don't take a custom icon into account when they're compiled, so when I run the program, the AutoIt icon appears in my application's dialog box. I would have preferred to put a custom icon like on EXE files.

In your opinion, can these two problems be corrected?

Concerning certutil -decode, I'm sorry, but I didn't understand what I could do with it even after consulting several sites. Can you tell me more?

Thanks

[argumentum]

40 minutes ago, erix said:

From what I understand, you still need a CMD file

no, you don't:

[Run]
; Start the program after installation:
; [Currently commented out]
;Filename: {app}\{#_AppName}; Description:"{#_AppName} {#_AppVerStr} start after completion"; Flags: postinstall nowait skipifsilent
Filename: {app}\AutoIt3.exe ; Parameters: "{app}\MyTool.a3x" ; Flags: postinstall nowait

and the icons and stuff.., I have never done anything with it but the learning curve should not be too hard. It is a script language after all. Just have to get familiar with it.

 

40 minutes ago, erix said:

Concerning certutil -decode

Its a batch file. The output of "certutil -encode fileIn fileOut" goes into a redirect to a file as in :

echo -----BEGIN CERTIFICATE----- > fileout.txt
echo o0hLvphsSqmZTFMKhtZIfUFVMyFFQTA2Taj/cySnPPZ6EvFnrMGT52tDylKmrQAA >> fileout.txt
... ...
echo 4bs6IaUp4+znC5guQL3hmt6ARrGdazsh1LHWdTrIPcbQM/cUr8sXopQBjROI/mSV >> fileout.txt
echo -----END CERTIFICATE----- >> fileout.txt

then you take that fileout.txt and run certutil -decode fileout.txt MyOriginalFile.ext
Again, it's a rather simple concept if you can write batch files.

I'd stick to learning Inno, or any setup packer ( there was was example for Inno here in the forum, that's all ) and leave behind the idea of embedding files in a batch file.

Edited January 18 by argumentum

[argumentum]

47 minutes ago, erix said:

Another problem is that A3X files don't take a custom icon

DllCall('shell32.dll', 'long', 'SetCurrentProcessExplicitAppUserModelID', 'wstr', StringTrimRight(@ScriptName, 4)) ; look at _WinAPI_SetCurrentProcessExplicitAppUserModelID()

I took that line from Control Viewer and it should help with the icon. That script is full of icons. Good example.

Rant: you're out of shape !. Need to do exercise !.  Practice, practice, practice ! ( AutoIt wise )