
AutoIt generated exe's infected! (False positive)



EDIT: I think this should have been posted in the "Scripting ..." thread. Right? Sorry :rolleyes: , please move.

 

 

Until now I have used the following script to import XMLTV EPG into DVBViewer.

(slightly modified version of a script by Mike Robertson)

 

#include <Date.au3>

Const $XMLtv_File       = "TVGuide" & ".xml"


Const $myXMLtv_Path     = "C:\Programmer\DVBViewer\"
Const $myXMLtv_Exe      = "myXMLTV.exe"
Const $myXMLtv_Window   = "DVBViewer XMLTV Import"


Const $DVBViewer_Path   = "C:\Programmer\DVBViewer\"
Const $DVBViewer_Exe    = "DVBViewer.exe"
Const $DVBViewer_Window = "DVBViewer"



;-------------------
;If not running, then start DVBViewer & wait for its window. Wait another x seconds
;-------------------
$WasDVBViewerRunning = WinExists($DVBViewer_Window)
If Not $WasDVBViewerRunning Then 
 Run($DVBViewer_Path & $DVBViewer_Exe)
 WinWaitActive($DVBViewer_Window)
 Sleep(5000)
EndIf


;-------------------
; Start myXMLtv & wait for its window.
; tab to the file name, key in the file name.
; tab to the import button & press it.
; Wait  for the import button to be visible again & close the window.
;-------------------


Run($myXMLtv_Path & $myXMLtv_Exe)
WinWaitActive($myXMLtv_Window)
Send("{tab}{tab}{tab}" & $myXMLtv_Path & $XMLtv_File & "{tab}{tab}{ENTER}")
WinWaitActive($myXMLtv_Window , "Import")
WinClose($myXMLtv_Window)


;-------------------
;If DVBViewer was not running then  Close the DVBViewer window
;-------------------
If Not $WasDVBViewerRunning Then 
 WinClose($DVBViewer_Window)
EndIf

 

 

 

Suddenly my AVG antivirus began to detect all AutoIt-compiled exes as infected (false positive).

 

I then decided to write a Delphi program doing the job.

 

(Oh,I hate my username! Didn't know DVBViewer was programmed in Delphi the first time I signed in. It's more than 10 years since I did any Delphi programming.)

 

One advantage of a Delphi program is that no folder names need to be hardcoded.

The exe can be used as is by anyone. Usermode or Windows localisation doesn't matter.

 

Now to my Delphi programming questions (The exe will reside in the DVBViewer program folder):

 

1) How do I safely get the Path to the DVBViewer Config Folder?

I can find Usermode and Root in usermode.ini in program folder.

This is actually enough to know for now, but maybe in the future there is a Usermode=3 (shared folder on network? :( ).

It is OK to assume DVBViewer is running.

 

 

2) How do I (safely) close DVBViewer? (see script)

 

Maybe in the meantime DVBViewer has fired a recording job.

Then maybe it should not be closed. Maybe it is OK to close if recordings Service is used.

Maybe it generally should not be closed at all?

In my case the import takes only a few seconds so it has been quite safe to use the above script.

 

 

Well, 10 years is a long time!:

 

3) How to detect if DVBViewer is running ?

 

 

Thanks in advance

 

Delphi (can I somehow change this?)


Hi,

 

just try the following:

 

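// Needs Windows (Succeeded) and ActiveX (GetActiveObject) in the uses clause,
// plus the unit generated by importing the DVBViewer type library
// (CLASS_DVBViewer, IID_IDVBViewer, IDVBViewer).
var
  FDVBViewer: IDVBViewer;

// Returns the running DVBViewer COM instance, or nil if DVBViewer is not running.
function DVBViewer: IDVBViewer;
var
  Unknown: IUnknown;
begin
  if FDVBViewer = nil then
  begin
    Unknown := nil;
    // Query the interface only if an active object was actually returned;
    // any failure code (not just MK_E_UNAVAILABLE) leaves Unknown as nil.
    if Succeeded(GetActiveObject(CLASS_DVBViewer, nil, Unknown)) and (Unknown <> nil) then
      Unknown.QueryInterface(IID_IDVBViewer, FDVBViewer);
  end;
  Result := FDVBViewer;
end;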

 

If the result is nil, DVBViewer is not running. All you also have to do is import the COM library of the DVBViewer. The rest should be documented in the SDK.

 

Christian


Thank you for the fast answer.

 

That's a good start. I am new to COM programming. But it's time to learn!

 

A few more code snippets would be appreciated :rolleyes:

 

Regards

A few more code snippets would be appreciated ;)

 

@Hackbart

 

I don't think I need any more help for now. :D

 

Your Code snippet works great!

 

You are quite right, it's all there in the COM interface. It's actually quite easy to use even for a COM-newbie. :)

 

Thank you for leading me in that direction
