Why is anything written in autoit coming up as a trojan?

Discussion in 'ESET NOD32 Antivirus' started by ChronoStriker1, Jul 27, 2009.

Thread Status:
Not open for further replies.
  1. ChronoStriker1

    ChronoStriker1 Registered Member

    Joined:
    Oct 10, 2008
    Posts:
    10
    Our company uses the autoit scripting language for a lot of things, I cant start having them not work. You cant block an entire scripting language because someone has made malware with it. I can honestly say that we will be dropping eset if this isn't fixed.
     
  2. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
    I have just tried the newest version of autoit and compiled a few scripts into executable files. They are not being detected by the ESET software with the latest definitions. What version of autoit are you running? Do you have the latest ESET updates?
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Of course, not every Autoit script is detected. Even if some are detected due to malware-like obfuscation, they are detected as potentially unwanted applications which cover legit tools that MAY be unwanted.
     
  4. ChronoStriker1

    ChronoStriker1 Registered Member

    Joined:
    Oct 10, 2008
    Posts:
    10
    Most of the scripts are using v3.2.12.0 of autoit. None of them use obfuscation. I'm looking for the non compiled scripts now to see if a newer version of autoit fixes the problem.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    The best would be to submit some examples to samples[at]eset.com with "Probable false positive" in the subject. Under what name were the files detected? Did you scan them with the most current signature db. version 4284?
     
Thread Status:
Not open for further replies.