Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

AutoIt3.exe = Threat or Harmless?

Options
Higgybaby
Higgybaby
edited April 2023 in Protection - Malware/ Firmware/etc.

This morning after turning on my machine, I noticed several notifications from Bitdefender regarding the blocking of suspicious connectivity. It'd happen every five minutes or so. I checked the details and it traces back to "C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\AutoIt3.exe" and "C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\PCNAMEUSERNAME.au3" with a detection ID of ML:SuspiciousBehavior.41CCBB8C52D6CAF0.

I've tried Googling what these are and continue to get mixed information. Some say AutoIt3 is a harmless freeware that Windows uses to write scr1pt for its GUI. Others say it's malware and should be uninstalled.

Is this something that I can add to Bitdefender's safety exceptions, or are these safe to remove from my PC entirely?

Comments

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭
    Options

    Hello.

    Only the malware researchers at Bitdefender Labs can help you with the issue.

    You should report the file(s) and/or the URL(s) as false positive to Bitdefender Labs here:

    https://www.bitdefender.com/consumer/support/answer/29358/

    Regards.

  • Alexandru_BD
    Alexandru_BD admin
    Options

    Hi,

    This looks like a task for our malware researchers indeed. To find out what happened, I would follow @Gjoksi's above recommendation to report the detection to our labs, or contact the Support engineers for a more in-depth investigation of the device. Should you require further assistance, you can get in touch with them by choosing one of the contact channels available at the link below:

    https://www.bitdefender.com/consumer/support/help/

    I hope the information is useful.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited April 2023
    Options

    As far as I know, you will have to provide logs to malware researchers since AutoIt v3 is a freeware BASIC-like scripting language designed for automating the Windows GUI and general scripting but a modified version developed by hackers can be used to inject malware into Windows OS.

    Generate bitdefender BDsysLog: https://www.bitdefender.com/consumer/support/answer/1922/

    Generate bitdefender support tool logs: https://www.bitdefender.com/consumer/support/answer/1733/

    Generate bitdefender connectivity logs: https://www.bitdefender.com/consumer/support/answer/9689/

    Share the logs & your query with bitdefender support team by dropping them an email at bitsy@bitdefender.com

    If the generated logs are larger in size, you can upload the logs to google drive or we.tl (7days link validity for free users) or ask the support team to provide you with the online link & password of bitdefender cloud where you can upload the logs and share the upload link with the support team.

    The support team will reply back to your query within next 24-48 hours excluding weekends.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

All Time Leaders

Categories

Defenders of the month