Jump to content
The Uniform Server Community
sudeepjd

Uniform Server Zero Malware is a False Positive

Recommended Posts

We have received some concerns from the community that Uniform Server Zero XIV is being flagged as a Trojan or Malware by some antivirus scanners. This is because in the we have included a couple of compiled AutoIT scripts in the new version. Unfortunately some of the antivirus scanners seem to be flagging ANY AutoIT programs as malware just because they are written in AutoIT (See Note Below). A forum discussion can be found at https://www.autoitscript.com/forum/topic/126034-protect-yourself-against-false-virus-detection/

We have submitted these files to VirusTtotal as well to see if they can get excluded as a not a virus. 

The specific files in Uniform Server XIV are as follows:

  • core/mysql/bin/mysqlhide.exe -> This hides the console window for MySQL8.
  • home/us_pear/Intall_PEAR.exe -> This is in the ZeroXIV_pear_1_0_0.exe module, which completely automates the PEAR installation.

The source code of these files can be found at our UniformServer Github repo at https://github.com/iamola/uniserver/tree/master/UniController/autoit

 

Note: I tested a blank compiled AutoIT file with nothing more than a comment at https://www.virustotal.com/gui/file/236867139b4fc19924f1e228aaec3c8b3bee7f40717277bdb906f0ab15874930/detection and it seems to be caught as malware by scanning engines.

Share this post


Link to post
Share on other sites

×
×
  • Create New...