查了一下 Autoit 官網上的文章,似乎這件事情已不是新鮮事了,將原文節錄在這裡讓有疑慮的朋友可以了解。
Are my AutoIt EXEs really infected?
If you have been using AutoIt for any length of time you will know that it is a great, and powerful scripting language. As with all powerful languages there comes a downside. Virus creation by those that are malicious.AutoIt has no virii installed on your system, and if a script you have created has been marked as a virus, (and you're not malicious) then this is a false positive. They found a set of instructions in an AutoIt EXE out there somewhere, took the general signature of the file, and now all AutoIt EXE's are marked (or most of them). This can be due to several reasons.
- AutoIt is packed with UPX. UPX is an open source software compression packer. It is used with many virii (to make them smaller).
- Malicious scripter got the AutoIt script engine recognized as a virus.
Now I am sure you are wanting to know what you can do to get back up and running without being recognized as a virus. You have to send in a report to the offending AV company alerting them to the false positive they have made. It never hurts to send in your source code along with a compiled exe, to help them realize their mistake.
..............底下還有另一位使用者所詢問的文章
Malwarebytes actively believes AutoIt is malware
I wanted to drop by and point out some goings-on with what is, in my opinion as a PC repair tech, the #1 malware removal solution, Malwarebytes' Anti-Malware, versus false detections of compiled AutoIt scripts. As of the definitions around the beginning of this month, Malwarebytes is now flagging nearly all compiled AutoIt EXEs as "BackDoor.Bifrost".
The worst part about it is, they refuse to change their stance about detecting AutoIt executables as malware/PUPs. I haven't yet gotten a reply to my request for "reconsidering" this decision. It's a pretty bad deal, considering AutoIt is no different from any of the hundreds of other programming languages out there (BTW, congrats on that, AutoIt team! Excellent work on that).
I wanted to bring this to the AutoIt community's attention, see what you all think of it. I'm just one person and it seems like I'm the only person that has a problem with AutoIt being blanketed with the "malware" definition. Maybe the AutoIt team can help the Malwarebytes team with the detection of malware written with AutoIt... instead of just calling it all malware!
如果以上面這位網友的敘述,我想只要我是使用 Autoit 來開發程序,會被報毒的機率就是存在的.... So... 看起來面對這個報毒的情況我目前是無能力可解的,這部分是比較抱歉。