ShadowWhisperer / Remove-MS-Edge

Uninstall Microsoft Edge silently, through an executable or batch script.

EXE has reported viruses in 22 different antivirus products #11

Closed WayneSherman closed 1 year ago

WayneSherman commented 1 year ago

I tested this in a sandbox, but there is no way I would run this on real system because it is reported as malicious by 22 antivirus products: https://www.virustotal.com/gui/file/62dbaa8d3f763ec75fa2a9826e852a456475cc21f9937e2e29c17fde6b6c47f0

I suspect the BAT to EXE converter has code that is triggering the virus reports. Recommend using another EXE creator such as Nullsoft NSIS or Inno Setup. As a side benefit, both of these EXE creators compress the source files.

WayneSherman commented 1 year ago

> I suspect the BAT to EXE converter has code that is triggering the virus reports.

The BAT-to-EXE converter is a closed source EXE from an obscure source. How can we have confidence the converter is not introducing malicious code into the EXE it generates?

ShadowWhisperer commented 1 year ago

I'm in the process of doing it in Python. We'll see how the weekend goes.

ShadowWhisperer commented 1 year ago

It's been redone in Python. Source code is in _Source. Converted to an executable with PyInstaller.

https://www.virustotal.com/gui/file/8f283fdc0021618dcdb085a1878bfb612f65ede6faef569149f1ee6242a12c79/detection

WayneSherman commented 1 year ago

Running from source with python 3.11.1:

```
PS C:\utl> python.exe .\remove.py
Traceback (most recent call last):
  File "C:\utl\remove.py", line 37, in <module>
    src = os.path.join(sys._MEIPASS, "setup.exe")
                       ^^^^^^^^^^^^
AttributeError: module 'sys' has no attribute '_MEIPASS'
```

WayneSherman commented 1 year ago

The new python EXE is being flagged in 6 virus scanners (down from 22), which is an improvement.

https://github.com/pyinstaller/pyinstaller/issues/6754 "The false positives occur because some people use PyInstaller for malware, and PyInstaller's bootloader is the only guaranteed common piece between them all."

WayneSherman commented 1 year ago

I am more interested in powershell or cmd file coded solutions. EXEs are too opaque and have virus scanning issues which make them difficult to trust. Python is nice, but not a good choice for my purposes since Python isn't installed on Windows by default.

ionuttbara commented 1 year ago

@WayneSherman can I use the bat file.. for creating my app? Maybe it helps to solve the specified issues in my project.. Also I will put in 2.5.1 version of the script (be like)

ionuttbara commented 1 year ago

Maybe I will take the bat and I will write in C# and add in args. Or what is ok.. the bat or the exe version of the script?

ShadowWhisperer commented 1 year ago

@WayneSherman

> AttributeError: module 'sys' has no attribute '_MEIPASS'

Where the "Setup.exe" is located when built with PyInstaller.

> I am more interested in powershell or cmd file coded solutions.

I have no plans to update the .bat version (at the moment). Using a stand alone .bat file requires that setup.exe is also in the same directory as the script (not as portable as a single file). A batch script could download the setup.exe, which would take longer and require file verification.

> Python is nice, but not a good choice for my purposes since Python isn't installed on Windows by default

That is why it is converted to a .exe file. If you do not trust the presented .exe, use the files here to build it.
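
The following is an added example, not part of the thread and not the project's own remove.py. It shows one way a script can find a bundled setup.exe both in a PyInstaller build and when run from source (the `_MEIPASS` traceback above), and check the file against a pinned SHA-256 before using it (the "file verification" mentioned above). The function names and the pinned-hash approach are assumptions made for illustration.

```python
import hashlib
import os
import sys
import tempfile


def bundle_dir():
    # PyInstaller one-file builds unpack data to a temp folder exposed as
    # sys._MEIPASS; a plain `python remove.py` run has no such attribute.
    if hasattr(sys, "_MEIPASS"):
        return sys._MEIPASS
    return os.path.dirname(os.path.abspath(__file__))


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large installers are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def locate_verified(name, pinned_sha256, base=None):
    """Return the path to `name` only if its SHA-256 equals the pinned value."""
    path = os.path.join(base or bundle_dir(), name)
    if not os.path.isfile(path):
        raise FileNotFoundError(f"{name} not found in {os.path.dirname(path)}")
    actual = sha256_file(path)
    if actual != pinned_sha256.strip().lower():
        raise ValueError(f"{name}: SHA-256 {actual} does not match pinned hash")
    return path


if __name__ == "__main__":
    # Constructed stand-in for setup.exe; the bytes are sample data only.
    with tempfile.TemporaryDirectory() as d:
        sample = os.path.join(d, "setup.exe")
        with open(sample, "wb") as fh:
            fh.write(b"constructed sample bytes")
        pinned = sha256_file(sample)  # in practice, a hash pinned in source
        print("accepted:", locate_verified("setup.exe", pinned, base=d))
        with open(sample, "ab") as fh:
            fh.write(b"modified after pinning")
        try:
            locate_verified("setup.exe", pinned, base=d)
        except ValueError as err:
            print("rejected:", err)
```

Refusing to continue on a hash mismatch means a swapped or corrupted setup.exe is never executed, whether it was bundled, placed beside the script, or downloaded.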