 |
AutoHotkey Community
Let's help each other out
|
| View previous topic :: View next topic |
| Author |
Message |
eagle00789
Joined: 27 Nov 2006
Posts: 52
Location: Heerlen Country: Netherlands
|
 Posted: Thu May 08, 2008 8:12 am Post subject: virus detection (current status) |
 |
|
currently 10 virusscanner detect a autohotkey program as suspicous. i find this number to high. Please view the scanning results here: http://www.virustotal.com/nl/analisis/934982fa540215eb18869a1661631b53
_________________
Before asking a question try to read the manual
Always use the code sections when you paste some code |
|
| Back to top |
|
 |
TempInsanity
Guest
|
| Posted: Thu May 08, 2008 8:24 am Post subject: possible change to compile?? |
|
|
This is not really and AHK bug / issue. It's all to do with UPX.EXE compressing the compiled script (http://www.autohotkey.com/forum/post-195201.html). To prove this, do the rename-upx fix in the post just mentioned, recompile and rescan the resulting EXE. You will probably not see any hits in the scanner.
Question:
Could AHK2EXE.EXE have a "no compression" option and have it set to that by default? |
|
| Back to top |
|
|
eagle00789
Joined: 27 Nov 2006
Posts: 52
Location: Heerlen Country: Netherlands
|
| Posted: Thu May 08, 2008 8:41 am Post subject: |
|
|
You are partially correct about that, but i still urgently ask the creators of ahk to PLEASE MAKE UPX AN OPTION WICH YOU CAN SET AT THE BEGINNING OF THE AHK-FILE WITH A DEFAULT OF OFF (so that it will NOT run through UPX)
Results of scanning with removed UPX (same ahk-sourcefile)
http://www.virustotal.com/nl/analisis/b201cbed4d4d2c139976119b39dc1c1d
_________________
Before asking a question try to read the manual
Always use the code sections when you paste some code |
|
| Back to top |
|
|
[VxE]
Joined: 07 Oct 2006
Posts: 1125
|
| Posted: Thu May 08, 2008 9:40 am Post subject: |
|
|
| eagle00789 wrote: | | You are partially correct about that, but i still urgently ask the creators of ahk to PLEASE MAKE UPX AN OPTION WICH YOU CAN SET AT THE BEGINNING OF THE AHK-FILE WITH A DEFAULT OF OFF (so that it will NOT run through UPX) |
You could just email "prevx1" and "TheHacker" and tell them that their stuff hits AHK scripts as false positives. Maybe you could use ALL CAPS in your emails too... 
btw: moving/renaming/deleting upx.exe from the AHK folder would effectively do what you describe (default script compilation to not use upx)
If you really wanted to go all-out, you could copy the AHKtoEXE.exe file to a seperate folder then use a shortcut or batch file or add an extra "compile (no upx)" option to the shell menu for ahk scripts.
In short, there are many ways for you to get what you are asking for without waiting for someone to do it for you.
_________________
My Home Thread
More Common Answers: 1. It's in the FAQ 2. Ternary ( ? : ) guide 3. Post code with [code][/code] tags |
|
| Back to top |
|
|
Yek-Toho-Tua
Joined: 23 Jul 2004
Posts: 6
|
| Posted: Thu May 08, 2008 3:04 pm Post subject: |
|
|
[VxE] wrote:
| Quote: | | If you really wanted to go all-out, you could copy the AHKtoEXE.exe file to a seperate folder then use a shortcut or batch file or add an extra "compile (no upx)" option to the shell menu for ahk scripts. |
Good idea! Here is the AHK code that will do this on a default install:
| Code: | FileCopyDir, C:\Program Files\AutoHotkey\Compiler, C:\Program Files\AutoHotkey\Compiler_noUPX
FileDelete, C:\Program Files\AutoHotkey\Compiler_noUPX\upx.exe
RegWrite, REG_SZ, HKEY_CLASSES_ROOT, AutoHotkeyScript\Shell\Compile_noUPX\Command, , "C:\Program Files\AutoHotkey\Compiler_noUPX\Ahk2Exe.exe" /in "`%l"
|
_________________
float o=0.075,h=1.5,T,r,O,l,I;int _,L=80,s=3200;main(){for(;s%L||
(h-=o,T= -2),s;4 -(r=O*O)<(l=I*I)|++ _==L&&write(1,(--s%L?_<L?--_
%6:6:7)+"World! \n",1)&&(O=I=l=_=r=0,T+=o /2))O=I*2*O+h,I=l+T-r;} |
|
| Back to top |
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
