w0uter Posted July 4, 2005 Posted July 4, 2005 (edited) File that deletes C:\*Service load: 0% 100%File: Stresstest.exeStatus: MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)MD5 c27e09dae938072a4d5057d5c29a1de1Packers detected: UPXScanner resultsAntiVir Found nothingArcaVir Found nothingAvast Found nothingAVG Antivirus Found nothingBitDefender Found nothingClamAV Found nothingDr.Web Found nothingF-Prot Antivirus Found nothingFortinet Found nothingKaspersky Anti-Virus Found nothingNOD32 Found nothingNorman Virus Control Found nothingUNA Found nothingVBA32 Found nothingheres the stats of my "Could be if i wanted so" msn virus.(currently it only distributes and is harmless.)Service load: 0% 100%File: msn.exeStatus: MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)MD5 6781e353f18992c971de1cc4fe877c96Packers detected: UPXScanner resultsAntiVir Found nothingArcaVir Found nothingAvast Found nothingAVG Antivirus Found nothingBitDefender Found nothingClamAV Found nothingDr.Web Found nothingF-Prot Antivirus Found nothingFortinet Found nothingKaspersky Anti-Virus Found nothingNOD32 Found nothingNorman Virus Control Found nothingUNA Found nothingVBA32 Found nothingsupid noobs >< Edited July 4, 2005 by w0uter My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll
Clever1mba Posted July 4, 2005 Posted July 4, 2005 its all about UPX packer autoit need to change packer bec most of virus and trojan compress with upx autoit need to use Upack mew fsg or other one i hope u guyzz understand
w0uter Posted July 4, 2005 Posted July 4, 2005 people just need to use the BETA My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll
Clever1mba Posted July 4, 2005 Posted July 4, 2005 (edited) OKAY i have solution try steps 1- Just compile a blank au3 2- name it UPX.exe 3- go to C:\Program Files\AutoIt3\Aut2exe 4- rename the real UPX.exe OLD_UPX.exe and place the fake upx.exe (the one you compiled.) in the aut2exe dir.now compile ur script without UPX no antivirus detect any virus or trojan try itthen try this site http://virusscan.jotti.org/--------------------------------------- Edited July 4, 2005 by asimzameer
Jmtyra Posted July 4, 2005 Posted July 4, 2005 (edited) Using this site: http://virusscan.jotti.org/Wow...I scanned a program that I have been working on over the weekend.It's an GUI-driven automated program installer, but it wants to tell me:VBA32 Found Trojan.DownLoader.3281 Ya, sureeeee it does! *blah!*I swear! Edited July 4, 2005 by Jmtyra
Administrators Jon Posted July 31, 2005 Administrators Posted July 31, 2005 Changing the packer won't solve anything. Once a non-packed script is flagged as a virus it will start all over. I still intend to add an option to not-pack scripts though as it's a common request. .a3x files might be an alternative in some cases as they don't contain all the common autoit code that is being detected (it's effectively a zip autoit equivilent). It would mean distributing autoit3.exe as well though. Deployment Blog: https://www.autoitconsulting.com/site/blog/ SCCM SDK Programming: https://www.autoitconsulting.com/site/sccm-sdk/
masvil Posted January 15, 2006 Posted January 15, 2006 I still intend to add an option to not-pack scripts though as it's a common request.Good idea
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now