Autoit false positives

Avast Free Antivirus / Premium Security
1

I’m getting some annoying false alerts on compiled Autoit exe’s.

‘Sign of “Win32:Trojan-gen. {UPX!}” has been found in "C:\Program Files…’

Build 4.6.744, latest updates

2

Hello :slight_smile:

With latest VPS update(0603-0) had been added and new Trojan-gens. If you get a false positive you can send the file to virus[at]avast[dot]com in password protected archive (usually the password is “virus”) and in the mail body you can write that this is a false positive detection. And Alwil will fix the problem :wink:

3

Hi, im getting also false positives on my own compiled autoIT scripts. Using VPS 0603-0. Scared the sh*t out of me, but fortunately it seems that they are false positives

4

Same here.

What kind of archive do you need?

~Dave

(Newbie here)

5

To what?
Just add the AutoIt files to the exclusion lists.
I did it with a whole folder of AutoIt files. Other programs will detect them as false positives too due to the nature of the trojan-gen signatures… Ewido, Trojan Hunter, a-squared… from time to time give these false alarms.

For the Standard Shield provider (on-access scanning):
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button…

For the other providers (on-demmand scanning):
Right click the ‘a’ blue icon, click Program Settings.
Go to Exclusions tab and click on Add button…

6

Clank, teknobass, Dorset Dave, please send the files (the ones that are incorrectly detected) to virus@avast.com. The best way is to pack them with ZIP or RAR, protected the archive with a password and send the e-mail e.g. with “false alarm” subject (don’t forget to note the password in the e-mail).
You may have to disable the resident protection temporarily (to be able to pack the file).

7

This is the third occasion that compiled AutoIt scripts have been recognised as Trojans, that I can remember. On each occasion it gets fixed, so why, oh why can’t Avast be tested with them BEFORE it gets updated to the world?

What’s the difference between AutoIts and, say, InstallShield installers, WinZip sfx-s etc.?

Please, Mr. Avast, could you incorporate a few AutoIts in your pre-release testing? Thanks!

Pete

8

They are “incorporated”.
Unfortunatelly, it seems there are many versions…

9

Clearly the CURRENT version of AutoIt is not incorporated? Otherwise we wouldn’t get the false positives!

Surely it’s not too much to ask for - just to make AutoIts compiled with the current version of Autoit accepted by Avast?

10

Edit: Withdrawn. My apologies.

11

with the latest avast signatur 615-0 i dont have any false positive alerts with my autoit3.
so, all runs fine… (for me…)