Not what you are looking for? Ask the experts!
AUTOIT3 hidden in torrent file? RAT?
I use torrents. Today I had a unique experience (for me) with a file that caused Norton to warn of intrusion attempts. Here is what happened:-
01) I recently downloaded a .torrent file - 100 Assorted Magazines - July 09-2019.torrent
02) I downloaded the content of the .torrent file - it was automatically moved to a "temporary" location on an external HDD
03) Today I got around to looking at the content
04) Most unusually it turned out to be a compressed .rar file - 100 Assorted Magazines - July 09-2019 (True PDF).rar
05) Using WinZip I opened the .rar file
06) Even MORE unusual it contained a .exe file - Z-100 Assorted Mgazines.exe Size= 1,278,976
07) I extracted the .exe file to a sub-folder
08) The folder contained only the .exe file
09) I ran the .exe file and 60 magazines appeared in the folder (NOT the 100 as advertised)
10) Within a couple of minutes Norton started issuing messages of intrusion attempts related to AUTOIT3.EXE
11) I closed everything and ran NPE as suggested. It only showed the usual 5 programs that I like but Norton doesn't :-)
12) An internet search showed i) AUTOIT is an OK program BUT ii) it has been related to *RAT* attacks
13) All seems to be quiet and running OK now.
Has anyone else had a similar experience with a .torrent file in recent days? It is the first time anything like this has happened in my torrenting pastime. Compressed files are a rarity these days so I was a little wary before I started opening files.
I look forward to hearing from you :-) I'm off to see if I can find out who uploaded this!