Once again, Avast detects my AutoIt script as a UPX trojan and stops it from working. This happened before in March this year, and I checked it fully and submitted it as a false positive. If Avast keeps doing this I will have no choice but to change to another program.
For the previous postings see: http://forum.avast.com/index.php?topic=27233.new;topicseen#new
I am afraid the problem is still here. I too use AutoIt, and I have a very important compiled script which is now blocked with 000763-0, saying there is a Win32:Hupigon-CXG [Trj] trojan when in fact there is none. Tested on several clean machines. I hope this will be cured quickly, thanks.
No, I reported it to Support because it was very obviously almost the same as the previous false positive. Today Support confirmed the problem and told me that it had been fixed. I checked this on my machine before posting the information here.
Tode
I don’t see where your doubts come from, there have been a number of detections on AutoIt scripts in the past which have been false positives. a search of the forums for AutoIt will most certainly reveal more information.
By saying what you did (“Isn’t it a way to throw dirt at Avast?”) you effectively accuse people of making false claims without evidence.
If you don’t believe me ask Avast: they have confirmed the false positive. Some false positives are inevitable. What annoyed me was having a second false positive on a very similar file to what had just been fixed. I have not any more time to spend on this, so I will not be posting again in this thread unless I experience more similar problems.
Tode
The problem with AutoIt is that there really is a number of viruses out there created in this tool. And since every program created in it shares a great deal of code (the AutoIt code), it is somewhat tricky to distinguish between legit programs created with AutoIt and AutoIt-based malware.
Fred, due to that, if you can, let your AutoIt files in a specific folder and as a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button… You can use wildcards like * and ?.