
Leaderboard

Popular Content

Showing content with the highest reputation on 09/03/2012 in all areas

  1. Put your code between [ autoit] tags instead of [ code] tags, let's get some colour in there.

     taskmgr.exe > False positive, although sometimes suspect. So it's an edge case. How are you going to handle those ones? How many false positives are you getting? Because quickly glancing at the 'database' I can say half the entries are potential false positives. I also spotted a few doubles.

     Whether it's open-source or encrypted or not, it's not a database as it contains just one column, the process names. You say "Can detect over 500 malware's known processes.", but that's not true, it simply detects processes, malware or not. taskmgr.exe isn't malware by definition and the process name alone isn't exactly a criterion to draw a conclusion from. In short, your database is missing relevant data. Consequently, reporting false positives becomes useless, the reported info isn't put to practical use by relating it to the 'malware' entry.

     In the case of taskmgr.exe the file path would be a good thing to check next. If it isn't in C:\Windows\System32\ it's suspect. You could also check its MD5 or SHA256 checksums, they should be pretty reliable too afaik.

     Win 7 64-bit taskmgr.exe:
     MD5 545bf7eaa24a9e062857d0742ec0b28a
     SHA256 50f2abb613df4813ce74f3b0df080497f689dfcad11f0fc7cd5ea4cdaf093bdf

     Putting it all together and you get a very simple flatfile CSV database like this:

     taskmgr.exe,C:\Windows\system32,50f2abb613df4813ce74f3b0df080497f689dfcad11f0fc7cd5ea4cdaf093bdf

     But if you want some real database power use the SQLite UDF.

     Another thing you could check is the file's digital signature. Win7 has a built-in tool for this, sigverif, or you could get the command line tool signtool.exe from the Windows SDK. Alternately there's Sysinternals sigcheck.exe. A quick search on Google gives me the idea this can also be done with DLL calls (Wintrust.dll), but I'm not sure about that. I found this C code on the Sysinternals forum, maybe it's of some use to you.

     Still, cool concept. Could be interesting to find out how far you can take this in AutoIt. AutoIt exe's get falsely flagged as infected as well, so this could develop into some sweet revenge eh?

     Also: ;3 Dec 2012 How's the weather going to be in winter?
    1 point
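
The name, path and checksum lookup suggested in the first post above, sketched in Python as an added example (not code from the post or from the tool it reviews). The function names and result labels are assumptions; the single database row reuses the taskmgr.exe values quoted in the post.

```python
import csv
import hashlib
import io
import ntpath

# Constructed sample database in the post's name,directory,sha256 layout;
# the single row uses the Win 7 64-bit taskmgr.exe values quoted in the post.
KNOWN_GOOD_CSV = (
    "taskmgr.exe,C:\\Windows\\system32,"
    "50f2abb613df4813ce74f3b0df080497f689dfcad11f0fc7cd5ea4cdaf093bdf\n"
)


def _norm_dir(path):
    # Windows paths are case-insensitive; drop trailing separators as well.
    return ntpath.normcase(ntpath.normpath(path))


def load_db(text):
    """Map lower-cased process name -> set of (directory, sha256) pairs."""
    db = {}
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 3:
            continue  # skip malformed rows
        name, directory, digest = (field.strip() for field in row)
        # A set absorbs the duplicate rows ("doubles") the post mentions.
        db.setdefault(name.lower(), set()).add((_norm_dir(directory), digest.lower()))
    return db


def sha256_file(path, chunk_size=1 << 16):
    """Hash a file in chunks so large executables are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def classify(image_path, sha256_hex, db):
    """Return 'unlisted', 'known-good', 'suspect-path' or 'suspect-hash'."""
    directory, name = ntpath.split(image_path)
    entries = db.get(name.lower())
    if entries is None:
        return "unlisted"  # the name alone says nothing either way
    directory, digest = _norm_dir(directory), sha256_hex.lower()
    if (directory, digest) in entries:
        return "known-good"
    if not any(d == directory for d, _ in entries):
        return "suspect-path"
    return "suspect-hash"
```

The stored checksum belongs to one specific build, so a legitimately updated taskmgr.exe comes back as `suspect-hash` until its row is refreshed; treat that result as a prompt to check the digital signature, not as a verdict.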
  2. TinyUninstaller v1.0.0.7

     Uninstall your softs easily.

     TipText over labels displays infos. Hold the Left Ctrl key when clicking on a label to copy the uninstall cmd to the clipboard. The GUI is hidden when you launch a soft uninstall. Once the uninstall is finished, double click on the tray icon to restore the GUI (the softs list will be refreshed).

     There is no filtering in the softs display (not as Windows does!), so you can easily uninstall drivers or Microsoft Windows Components! But be careful...

     x64 users: do not compile with the x64 version.

     Previous downloads: 43
     Source: TinyUnInstaller v1.0.0.7.au3
     Executable: TinyUninstaller.exe.html (once this html file is downloaded, double click on it to start the download)
    1 point
  3. Take a look at source code for making Virtual Box portable.
    1 point
  4. The file that is used when you right-click in Explorer and New > Autoit v3 Script? That would be C:\Windows\ShellNew\Template.au3
    1 point
  5. BrewManNH

    ListView OnClick

    Your main problem is you're mistaking a ListView with a ListBox, they are not the same thing. If you want to do it with a ListView, use this script with changes to your script.

        #include <GUIConstantsEx.au3>
        #include <StructureConstants.au3>
        #include <WindowsConstants.au3>

        ; Section names of test.ini in the script directory; element [0] holds the count
        $modeli = IniReadSectionNames(@ScriptDir & "\test.ini")
        Global $hListView

        main()

        Func main()
            $Form1 = GUICreate("Form1", 623, 449, 192, 114)
            $hListView = GUICtrlCreateListView("1", 8, 16, 377, 409)
            GUISetState(@SW_SHOW)
            ; Route WM_NOTIFY messages to the handler below
            GUIRegisterMsg($WM_NOTIFY, "WM_NOTIFY")
            $Lista = ""
            For $i = 1 To $modeli[0]
                $Lista &= "|" & $modeli[$i]
                GUICtrlCreateListViewItem($modeli[$i], $hListView)
            Next
            ;~ GUICtrlSetData($hListView, $Lista)
            ; Idle until the window is closed
            Do
            Until GUIGetMsg() = $GUI_EVENT_CLOSE
            GUIDelete()
        EndFunc   ;==>main

        Func WM_NOTIFY($hWnd, $iMsg, $iwParam, $ilParam)
            #forceref $hWnd, $iMsg, $iwParam
            Local $hWndFrom, $iIDFrom, $iCode, $tNMHDR, $hWndListView, $tInfo
            $hWndListView = $hListView
            If Not IsHWnd($hListView) Then $hWndListView = GUICtrlGetHandle($hListView)

            $tNMHDR = DllStructCreate($tagNMHDR, $ilParam)
            $hWndFrom = HWnd(DllStructGetData($tNMHDR, "hWndFrom"))
            $iIDFrom = DllStructGetData($tNMHDR, "IDFrom")
            $iCode = DllStructGetData($tNMHDR, "Code")
            Switch $hWndFrom
                Case $hWndListView
                    Switch $iCode
                        Case $NM_CLICK ; Sent by a list-view control when the user clicks an item with the left mouse button
                            $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                            ;~ Do something; for testing I use a message box.
                            MsgBox(4160, "TEST", "Selected Item: " & GUICtrlRead($hListView))
                    EndSwitch
            EndSwitch
            Return $GUI_RUNDEFMSG
        EndFunc   ;==>WM_NOTIFY
    1 point
  6. Bowmore

    Strip Tags ?

    This may be what you are looking for:

        $test = "blablabla <b>asd</b> <img src='test.png'> testtest"
        $test = StringRegExpReplace($test, "<[^<]*>", "")
        MsgBox(0, "", $test)
    1 point
  7. Welcome to AutoIt and the forum. A good place to start learning AutoIt is the Wiki. Have a look at the Getting started and the Tutorials sections.
    1 point
  8. Consider reading/buying this book.
    1 point