Hi Valinorum,

I guess that it is a false heuristic packer detection on UPX, AutoIt, UPX.

Compiled AutoIt scripts can optionally be compressed with UPX. UPX is an open source software compression packer. It is used with many viruses (to make them smaller).
quote info source: http://www.autoitscript.com/wiki/AutoIt_and_Malware

I would not be surprised at all if this were again the case for the ComboFix FP. :wink:
It is also possible that the detection is being flagged in the AutoIt bin file ;D

Also see: http://anubis.iseclab.org/?action=result&task_id=16d9e74075c2d7574516ab635ed197560&format=html

Source code should be forwarded in a report to avast! to independently verify the generic dropper find is indeed based upon a false positive detection!

greets and a happy Easter to you and yours,

polonus

P.S. avast! no longer flags it? → https://www.virustotal.com/nl/file/7926e3e0e44d02df8740471cd0ad4bd8ba74af8363e7f9682d75b1163345c45e/analysis/