Search the Community
Showing results for tags 'virus'.
-
Au3toCmd --- Avoid false virus positives

Since many virus scanners sometimes prevent a "compiled autoit EXE" from being executed as "false positive", the "*.A3X" format is a suitable format to avoid this problem. See here for more information.

In order to simplify this procedure, I wrote the Au3toCmd script. Here a *.Cmd file is generated from a *.Au3 file. The necessary files Autoit3.exe and *.A3x are added to the "*.Cmd" file as "alternate data streams" "Base64" encoded data. Now the AutoIt script can be called by clicking on the cmd file and the anti-virus scanners do not recognize the "false positive". If the short-term flashing of the CMD window bothers you, you can click the desktop shortcut that runs in a minimized window.

Unfortunately, because of the "alternate data streams", this CMD file cannot be distributed via FTP or email. Only a USB stick or removable disk formatted with NTFS can be used. As the new version now uses Base64 data instead of ADS, this statement is out of date. For reasons of compatibility, the old version was sunk into the spoiler here.

The script can be called with a file name of an AU3 script as a parameter. If no name is entered, a query is made. For more information, see the header of the script. Suggestions, improvements and bug reports are welcome.

Here are the versions using Base64 data:

Version: 2022.05.12 (Support blanks in pathnames)
Version: 2022.06.23 (Support release candidates. Changed @CrLf to @Lf. Annual cleaning. Optimized #AutoIt3Wrapper handling)
Version: 2022.07.22 (Support scripts with the same name but different content in different directories)
Version: 2022.07.27 (Support blanks in usernames) Au3toCmd.au3
Version: 2022.09.01 (Optimized annual cleaning) Au3toCmd.au3
-
Today I installed the latest v3.3.14.0 after a clean Windows install. During the installation of AutoIt, my ESET NOD found a virus in C:\Program Files (x86)\AutoIt3\AutoIt3Help.exe. Here is the online scan: https://www.virustotal.com/en/file/b25d575ebd36301b0e12940f01d53a922148d1471f832aeb327d1e78741d7f31/analysis/

I believe this is a false positive, but we need proof, then we could fix this. This is the first time my AV has found a virus in AutoIt. I have been using AutoIt and ESET for more than 3 years. Has anyone had the same issue?
-
Know your system! Prod your system for unwanted code! (virus/malware)

Please report bugs/requests/criticism or whatever!

ProDLLer v0.503 Update: 23rd of October 2011
ProDLLer.rar
Earlier versions downloaded: 2726 times.

Most Recent changes...

; 0.503
; Fixed: Don't leave icon in tray when leaving, XP/7.
; Fixed: Don't leave them after crash either.
; Added: Don't allow shutdown or standby while ProDLLing in XP, Thanks to Prog@ndy. Vista/7, don't allow shutdown.
; Added: Don't let ProDLLer be put to sleep by idletimers in XP/Vista/7.
; Fixed: Lockup when returning from sleep in Vista/7. (if "Noprocs" running then disable "noprocs" and resume all procs.)
; Change: No suspending of "theme"-service in XP. On crash, just resume all processes... like we have to in Vista/7...
; 0.502
; Fixed: Gui-problem fixed by BeginPaint/endpaint... tested on win7
; Fixed: "Crashnet" and SuspendAll. In the unlikely event that this happens. All procs will be resumed on Vista and win7.
; Fixed: Fixed false positives in SSDTshadow on Vista/win7.
; 0.501
; Added: SSDTshadow - not complete, but fully functional. = lacking names. (Logic is painful; need to guard against faults...)
; Fixed: Lockup in crashnet if "Services.exe" and "System" is suspended. Just resume them... You can suspend again...
; Fixed: Further lockups, same, to do with themes and "lsass.exe"...
; 0.500
; Added: Startup-killing... to take a load off the GUI... it will ask...
; Fixed: Slowdown because I accidentally changed ProDLLer to iterate processes every second...
; Fixed: Process-CPU-utilization. Movement of abandoned children... I cheat. Just load up new list...
; Fixed: Got rid of the Adlib. There were too many possible problems...
; Fixed: CPU-load. Is again aligned...
; 0.499
; Added: If over 16 procs start from 1 sec to another or if a total of 40 procs have started; "NoProcsAllowed" is activated.
; Added: Crash-recovery... Just start a new instance of ProDLLer... :)
; Change: No loading of moduleinfo at start.
; Added: Refresh moduleinfo when we need it. KINDA CLUNKY SINCE I ITERATE ALL OF THEM, RIGHT NOW....
; Added: On start of app. Disallow new procs. "NoProcsAllowed" is activated.
; Fixed: A number of bugs that crash ProDLLer if insane amounts of processes start and stop...
; 0.498
; Fixed: "KernelNot.". When disabling callbacks; adjacent CBs of same type would sometimes vanish. Famous anti-rootkit had same faulty behavior.
; 0.497
; Fixed: Lockup when suspending some procs during modules-iteration. Context-menu disabled during iteration.
; Fixed: Lockup after thread-view due to excessive killing of already terminated security-threads... Now checking IF it needs killing...
; Fixed: Lockup when trying to change state of services while it is already working with your earlier request. Disable display.

Thanks for functions:
Thanks to "Smoke_N" for his "_ProcessListModules()"! Apparently I borrowed it a looooong time ago.
Thanks to "Engine" for his GREAT "Windows Services UDF"!!!
Thanks to JScript, Larry, SmOke_N, mrRevoked for _ProcessGetPath. I used this because I'm too lazy to do one myself.

Special thanks to:
Thanks to wraithdu for help and support!
Thanks to Ascend4nt for support and friendship!
Thanks to trancexx for good talks and friendship!
Thanks also to this great community! I really feel empowered!

/Manko

[EDIT: New version.]
-
Hi! I've been working on a TCP multiclient chat and at some point in the development it started to be detected as a virus. I don't really know what to do to make it work. Please help if you know what's happening. Here is the code for the client. Sorry if it's a mess, but in my defence I wrote it in 2 days, so I'm glad it works. I'll keep the server on for those who want to test it.

#NoTrayIcon
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <GuiListView.au3>
#include <Sound.au3>
#include <EditConstants.au3>
#include <WindowsConstants.au3>
#include <GuiEdit.au3>
#include <GuiTab.au3>

Global $sound=_SoundOpen(@WindowsDir&"/media/notify.wav")
Global $flash=0, $Loginname, $ulist, $DBLCLKindex
Global $ipn="no.better-than.tv", $selvar=-8
Global $cw[15][5], $privartestartnamestatus, $privartestartname
Global $xg=500, $yg=500, $hiw=100, $tabslist[20][7]

GUIRegisterMsg($WM_NOTIFY, "WM_NOTIFY")
TCPStartup()

$lg=GUICreate("Log IN",170,70)
GUICtrlCreateLabel("Name",10,10,50,20)
$ni=GUICtrlCreateInput("",60,10,100,20)
$lbut=GUICtrlCreateButton("Login",10,40,150,20,$BS_DEFPUSHBUTTON)
GUISetState()

While 1
    $ms=GUIGetMsg()
    If $ms=$lbut Then
        $ip=TCPNameToIP($ipn)
        $Loginname=GUICtrlRead($ni)
        $iMainSocket = TCPConnect($ip, 34567)
        If @error Then
            MsgBox(0x20, "CWI", "Unable to connect to server")
            Exit
        EndIf
        TCPSend($iMainSocket,"Login####"&$Loginname)
        GUIDelete($lg)
        ExitLoop
    EndIf
    if $ms=$GUI_EVENT_CLOSE Then
        TCPShutdown()
        Exit
    EndIf
WEnd

$gui=GUICreate("CWI",$xg,$yg)
$file_menu=GUICtrlCreateMenu("File")
$file_update_menu=GUICtrlCreateMenuItem("Update",$file_menu)
$file_exit_menu=GUICtrlCreateMenuItem("Exit",$file_menu)
$tabs=GUICtrlCreateTab(1,0,$xg,$yg-20)
$maintab=GUICtrlCreateTabItem("Cwi-Chat")
$edit=GUICtrlCreateEdit("",10,30,$xg-115,$yg-140,$ES_READONLY + $WS_VSCROLL,$WS_EX_STATICEDGE)
GUICtrlSetState(-1, $GUI_SHOW)
_GUICtrlEdit_SetMargins($Edit, BitOR($EC_LEFTMARGIN, $EC_RIGHTMARGIN), 10, 10)
GUICtrlSetFont(-1,10,600)
GUICtrlSetColor(-1,0x2222ff)
$ulist=GUICtrlCreateListView("Online Users",$xg-100,30,90,$yg-140)
GUICtrlSetState(-1, $GUI_SHOW)
$cm=GUICtrlCreateContextMenu($ulist)
GUICtrlSetState(-1, $GUI_SHOW)
$openprivate=GUICtrlCreateMenuItem("Private Msg",$cm)
GUICtrlSetState(-1, $GUI_SHOW)
$inp=GUICtrlCreateInput("",10,$yg-100,$xg-115,70)
GUICtrlSetState(-1, $GUI_SHOW)
$sbut=GUICtrlCreateButton("SEND",$xg-95,$yg-100,85,70,$BS_DEFPUSHBUTTON)
GUICtrlSetState(-1, $GUI_SHOW)
GUISetState()
edit_append($edit,"Connected to server",0)

While 1
    $msg=GUIGetMsg()
    $sNewData = TCPRecv($iMainSocket, 2048)
    If @error Then
        edit_append($edit,"Disconected from server; will exit in 10 s",0)
        Sleep(10000)
        Exit
    ElseIf $sNewData Then
        $split_new_data = StringSplit($sNewData, "####",1)
        $request=$split_new_data[1]
        Switch $request
            Case "Sys"
                edit_append($edit,$split_new_data[2], 0)
            Case "Chat"
                edit_append($edit,$split_new_data[2], 1)
                If Not WinActive("[TITLE:CWI]") Then
                    _SoundPlay($sound,0)
                    $flash = 1
                EndIf
            Case "Upgrade"
                upgrade($split_new_data[2])
            Case "Userlist"
                $o_users=StringSplit($split_new_data[2], ",",1)
                $list=StringReplace($split_new_data[2],",","|")
                _GUICtrlListView_DeleteAllItems(GUICtrlGetHandle($ulist))
                For $z=1 to $o_users[0]
                    GUICtrlCreateListViewItem($o_users[$z],$ulist)
                Next
                $lval=1
            Case "Privat"
                $getPrivat=StringSplit($split_new_data[2], "@@@",1)
                While 1
                    For $x=0 To 19
                        If $tabslist[$x][1]=$getPrivat[1] Then
                            edit_append($tabslist[$x][2],$getPrivat[1] & " > " & $getPrivat[2])
                            $search="TRUE"
                            ExitLoop
                        EndIf
                        $search="FALSE"
                    Next
                    If $search="FALSE" Then
                        Tabs_op("+",$getPrivat[1],0)
                    EndIf
                    If $search="TRUE" Then ExitLoop
                WEnd
            Case "User"
                $get_op=StringSplit($split_new_data[2],"@@@",1)
                If $get_op[2] = 0 Then
                    For $x=0 To 19
                        If $tabslist[$x][1]=$get_op[1] Then
                            edit_append($tabslist[$x][2],"User Offline")
                            status_set($x,0)
                            ExitLoop
                        EndIf
                    Next
                    edit_append($edit,$get_op[3]&$get_op[1], 0)
                EndIf
                If $get_op[2] = 1 Then
                    For $x=0 To 19
                        If $tabslist[$x][1]=$get_op[1] Then
                            edit_append($tabslist[$x][2],"User Online",0)
                            status_set($x,1)
                            ExitLoop
                        EndIf
                    Next
                    edit_append($edit,$get_op[3]&$get_op[1], 0)
                EndIf
        EndSwitch
    EndIf
    if $msg=$GUI_EVENT_CLOSE Then
        TCPSend($iMainSocket,"Logout####Droped")
        Sleep(200)
        TCPShutdown()
        Exit
    EndIf
    if $msg=$sbut Then
        $data=GUICtrlRead($inp)
        TCPSend($iMainSocket,"Chat####"&$data)
        If @error Then MsgBox(0,"","ERROR")
        GUICtrlSetData($inp,"")
    EndIf
    if $msg=$file_update_menu Then TCPSend($iMainSocket,"Upgrade####list")
    if $msg=$openprivate And $Loginname<>$privartestartnamestatus then Tabs_op("+",$privartestartnamestatus)
    For $x=0 To 19
        If $msg=$tabslist[$x][5] And $tabslist[$x][0]<>-1 Then
            $data=GUICtrlRead($tabslist[$x][3])
            TCPSend($iMainSocket,"Privat####"&$tabslist[$x][1]&"@@@"&$data)
            If @error Then MsgBox(0,"","ERROR")
            GUICtrlSetData($tabslist[$x][3],"")
            edit_append($tabslist[$x][2],$Loginname & " > " & $data)
        EndIf
        If $msg=$tabslist[$x][6] And $tabslist[$x][0]<>-1 Then Tabs_op("-",$tabslist[$x][1])
    Next
    If WinActive("[TITLE:CWI]") Then
        $winactive=1
        $flash=0
    Else
        $winactive=0
    EndIf
    If $flash=1 and $winactive=0 Then
        WinFlash("[TITLE:CWI]","",2,300)
    EndIf
    $selectedtab=_GUICtrlTab_GetCurSel($tabs)
    If $selvar<>$selectedtab Then
        ;~ MsgBox(0,"",$selectedtab)
        $selvar=$selectedtab
        $selectedtext=_GUICtrlTab_GetItemText($tabs,$selectedtab)
        If $selectedtext="Cwi-Chat" Then
            GUICtrlSetState($sbut,$GUI_FOCUS)
        Else
            GUICtrlSetState($sbut,$GUI_NOFOCUS)
        EndIf
        For $x=0 to 19
            If $tabslist[$x][0]<>-1 Then ContinueLoop
            If $selectedtext=$tabslist[$x][1] Then
                GUICtrlSetState($tabslist[$x][5],$GUI_FOCUS)
            Else
                GUICtrlSetState($tabslist[$x][5],$GUI_NOFOCUS)
            EndIf
        Next
    EndIf
    Sleep(10)
WEnd

Func edit_append($edithndl, $bla , $prefixstamp = 1 , $stamp="")
    $Timestamp = String(@hour & ":" & @MIN & " > ")
    If $prefixstamp= 2 then _GUICtrlEdit_AppendText($edithndl,$stamp & $bla &@CRLF)
    If $prefixstamp= 1 then _GUICtrlEdit_AppendText($edithndl,$Timestamp & $bla&@CRLF)
    If $prefixstamp= 0 then _GUICtrlEdit_AppendText($edithndl,$bla&@CRLF)
EndFunc

Func upgrade($itms)
    If FileExists("update.exe") Then
        $file=FileOpen("Update.txt",2)
        FileWriteLine($file,$itms)
        FileClose($file)
        TCPSend($iMainSocket,"Logout####for update")
        Sleep(200)
        TCPCloseSocket($iMainSocket)
        TCPShutdown()
        Run("Update.exe")
        Exit
    EndIf
EndFunc

Func Tabs_op($op,$tabname="test",$param1=1)
    If $op="+" Then
        If _GUICtrlTab_FindTab($tabs,$tabname)<>-1 And $param1=1 Then
            _GUICtrlTab_ActivateTab($tabs,_GUICtrlTab_FindTab($tabs,$tabname))
        Else
            For $ct1 = 0 To 19
                If $tabslist[$ct1][0]<>-1 Then ContinueLoop
                $tabslist[$ct1][0]=GUICtrlCreateTabItem($tabname)
                $tabslist[$ct1][6]=GUICtrlCreateButton ( "X",$xg-20,30,15,15 )
                GUICtrlSetBkColor(-1,0xFF0000)
                GUICtrlSetColor(-1,0xFFFFFF)
                $tabslist[$ct1][1]=$tabname
                $tabslist[$ct1][2]=GUICtrlCreateEdit("",10,30,$xg-115,$yg-140,$ES_READONLY + $WS_VSCROLL,$WS_EX_STATICEDGE)
                $tabslist[$ct1][3]=GUICtrlCreateInput("",10,$yg-100,$xg-115,70)
                $tabslist[$ct1][4]=GUICtrlCreateLabel("STATUS",$xg-95,($yg-90)/2,70,70)
                GUICtrlSetColor(-1,0xFF00FF)
                $tabslist[$ct1][5]=GUICtrlCreateButton("SEND",$xg-95,$yg-100,85,70,$BS_DEFPUSHBUTTON)
                GUICtrlCreateTabItem("")
                status_set($ct1,1)
                ExitLoop
            Next
        EndIf
    EndIf
    If $op="-" Then
        For $x=0 To 19
            If $tabslist[$x][1]<>$tabname Or $tabslist[$x][0]=-1 Then ContinueLoop
            GUICtrlDelete($tabslist[$x][2])
            GUICtrlDelete($tabslist[$x][3])
            GUICtrlDelete($tabslist[$x][4])
            GUICtrlDelete($tabslist[$x][5])
            GUICtrlDelete($tabslist[$x][0])
            GUICtrlDelete($tabslist[$x][6])
            $tabslist[$x][0]=-1
            $tabslist[$x][1]=""
        Next
    EndIf
EndFunc

Func WM_NOTIFY($hWnd, $iMsg, $iwParam, $ilParam)
    #forceref $hWnd, $iMsg, $iwParam
    Local $hWndFrom, $iIDFrom, $iCode, $tNMHDR, $hWndListView, $tInfo
    $hWndListView = $ulist
    If Not IsHWnd($ulist) Then $hWndListView = GUICtrlGetHandle($ulist)
    $tNMHDR = DllStructCreate($tagNMHDR, $ilParam)
    $hWndFrom = HWnd(DllStructGetData($tNMHDR, "hWndFrom"))
    $iCode = DllStructGetData($tNMHDR, "Code")
    Switch $hWndFrom
        Case $hWndListView
            Switch $iCode
                Case $NM_DBLCLK
                    $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                    $DBLCLKindex=DllStructGetData($tInfo, "Index")
                    $privartestartname=_GUICtrlListView_GetItemText($hWndListView, $DBLCLKindex)
                    If $Loginname<>$privartestartname Then Tabs_op("+",$privartestartname)
            EndSwitch
    EndSwitch
    Return $GUI_RUNDEFMSG
EndFunc

Func status_set($labelHnd,$param1=-1)
    If $param1=1 Then
        GUICtrlSetData($tabslist[$labelHnd][4],"User"&@CRLF&"ONLINE")
        GUICtrlSetColor($tabslist[$labelHnd][4],0x00FF00)
        GUICtrlSetState($tabslist[$labelHnd][3],$GUI_ENABLE)
        GUICtrlSetState($tabslist[$labelHnd][5],$GUI_ENABLE)
    EndIf
    If $param1=0 Then
        GUICtrlSetData($tabslist[$labelHnd][4],"User"&@CRLF&"OFFLINE")
        GUICtrlSetColor($tabslist[$labelHnd][4],0xFF0000)
        GUICtrlSetState($tabslist[$labelHnd][3],$GUI_DISABLE)
        GUICtrlSetState($tabslist[$labelHnd][5],$GUI_DISABLE)
    EndIf
EndFunc

thx