Jump to content

Autoit False Positives


Sikem

Recommended Posts

I was testing upgrading our AV from ClamAV 1.0.26 to Immunet 3.0 for my organization (approx. 150 users). However, it now detects all our scripts created with AutoIT as malware. Is there a workaround other than creating an exception for each and every script?

Link to comment
Share on other sites

Hi Sikem, I'm looking into this to see if we can find a way to mark your autoIT scripts as clean in the cloud. Just so I'm clear though - your seeing Immunet detect your *scripts* as malicious, not the autoit application itself? Can you tell me what version of autoit your using, and would you mind sending me an example of one of your scripts to support@immunet.com with the subject "For RobT - forum thread 1171"?

 

In the mean time, the quickest remediation I can think of would be to add a filetype exclusion to exclude *.au3 (i.e. all autoit scripts).

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...