Avast WEBforum
Other => Viruses and worms => Topic started by: wrl on May 16, 2010, 06:01:51 PM
-
As of the latest Avast update, AutoIt V3.6.1 scripting system is being flagged as win32:Malware.gen - apparently due to its use of the .exe compressor upx.exe. I have confirmed beyond all reasonable doubt that there is nothing malicious about this program. Mcafee, Norton do not flag the file.
Avast configuration:
Virus Definitions version: 100516-0
program version: 5.0.545
Win7-64
AutoIt:
V3.6.1
www.autoitscript.com
-
Hi wrl,
Read about this here: http://www.threatexpert.com/files/UPX.EXE.html
I wonder why they don't check UPX (and perhaps other compressors) and systematically exclude it from their database,
the problem is that heuristic detection (not virus definitions) seems to flag UPX more often than PECompact,
polonus
-
may it is a protected exe file then protected by upx i.e:crypted with Crypto-Lock then packed with upx,just a guess. :)