AutoIt3.exe = Threat or Harmless?

Higgybaby · 2023-04-25T16:05:54+00:00

There was an error rendering this rich post.

This morning after turning on my machine, I noticed several notifications from Bitdefender regarding the blocking of suspicious connectivity. It'd happen every five minutes or so. I checked the details and it traces back to "C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\AutoIt3.exe" and "C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\PCNAMEUSERNAME.au3" with a detection ID of ML:SuspiciousBehavior.41CCBB8C52D6CAF0.

I've tried Googling what these are and continue to get mixed information. Some say AutoIt3 is a harmless freeware that Windows uses to write scr1pt for its GUI. Others say it's malware and should be uninstalled.

Is this something that I can add to Bitdefender's safety exceptions, or are these safe to remove from my PC entirely?

Find more posts tagged with

Comments

Gjoksi

Hello.

Only the malware researchers at Bitdefender Labs can help you with the issue.

You should report the file(s) and/or the URL(s) as false positive to Bitdefender Labs here:

https://www.bitdefender.com/consumer/support/answer/29358/

Regards.

Alexandru_BD

Hi,

This looks like a task for our malware researchers indeed. To find out what happened, I would follow @Gjoksi's above recommendation to report the detection to our labs, or contact the Support engineers for a more in-depth investigation of the device. Should you require further assistance, you can get in touch with them by choosing one of the contact channels available at the link below:

https://www.bitdefender.com/consumer/support/help/

I hope the information is useful.

Regards

Flexx

As far as I know, you will have to provide logs to malware researchers since AutoIt v3 is a freeware BASIC-like scripting language designed for automating the Windows GUI and general scripting but a modified version developed by hackers can be used to inject malware into Windows OS.

Generate bitdefender BDsysLog: https://www.bitdefender.com/consumer/support/answer/1922/

Generate bitdefender support tool logs: https://www.bitdefender.com/consumer/support/answer/1733/

Generate bitdefender connectivity logs: https://www.bitdefender.com/consumer/support/answer/9689/

Share the logs & your query with bitdefender support team by dropping them an email at bitsy@bitdefender.com

If the generated logs are larger in size, you can upload the logs to google drive or we.tl (7days link validity for free users) or ask the support team to provide you with the online link & password of bitdefender cloud where you can upload the logs and share the upload link with the support team.

The support team will reply back to your query within next 24-48 hours excluding weekends.

Regards