Autoit complied exe detect as a TrojanDownload?

[w0uter]

File that deletes C:\*

Service load: 

0%        100%

File:  Stresstest.exe

Status: 

MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)

MD5  c27e09dae938072a4d5057d5c29a1de1

Packers detected:  UPX

Scanner results

AntiVir  Found nothing

ArcaVir  Found nothing

Avast  Found nothing

AVG Antivirus  Found nothing

BitDefender  Found nothing

ClamAV  Found nothing

Dr.Web  Found nothing

F-Prot Antivirus  Found nothing

Fortinet  Found nothing

Kaspersky Anti-Virus  Found nothing

NOD32  Found nothing

Norman Virus Control  Found nothing

UNA  Found nothing

VBA32  Found nothing

heres the stats of my "Could be if i wanted so" msn virus.

(currently it only distributes and is harmless.)

Service load: 

0%        100%

File:  msn.exe

Status: 

MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)

MD5  6781e353f18992c971de1cc4fe877c96

Packers detected:  UPX

Scanner results

AntiVir  Found nothing

ArcaVir  Found nothing

Avast  Found nothing

AVG Antivirus  Found nothing

BitDefender  Found nothing

ClamAV  Found nothing

Dr.Web  Found nothing

F-Prot Antivirus  Found nothing

Fortinet  Found nothing

Kaspersky Anti-Virus  Found nothing

NOD32  Found nothing

Norman Virus Control  Found nothing

UNA  Found nothing

VBA32  Found nothing

supid noobs ><

Edited July 4, 2005 by w0uter

[Clever1mba]

its all about UPX packer autoit need to change packer bec most of virus and trojan compress with upx

autoit need to use Upack mew fsg or other one

i hope u guyzz understand

[w0uter]

people just need to use the BETA

[Clever1mba]

OKAY

i have solution

try steps

1- Just compile a blank au3

2- name it UPX.exe

3- go to C:\Program Files\AutoIt3\Aut2exe

4- rename the real UPX.exe OLD_UPX.exe and place the fake upx.exe (the one you compiled.) in the aut2exe dir.

now compile ur script without UPX

no antivirus detect any virus or trojan try it

then try this site http://virusscan.jotti.org/

---------------------------------------

Edited July 4, 2005 by asimzameer

[Jmtyra]

Using this site: http://virusscan.jotti.org/

Wow...I scanned a program that I have been working on over the weekend.

It's an GUI-driven automated program installer, but it wants to tell me:

VBA32 Found Trojan.DownLoader.3281

Ya, sureeeee it does! *blah!*

I swear!

Edited July 4, 2005 by Jmtyra

[Jon]

Changing the packer won't solve anything. Once a non-packed script is flagged as a virus it will start all over. I still intend to add an option to not-pack scripts though as it's a common request.

.a3x files might be an alternative in some cases as they don't contain all the common autoit code that is being detected (it's effectively a zip autoit equivilent). It would mean distributing autoit3.exe as well though.

[masvil]

I still intend to add an option to not-pack scripts though as it's a common request.

Good idea