Topic: Basic Win10PE SE package EXEs recognized as malware/worms by Webroot?  (Read 267 times)

0 Members and 1 Guest are viewing this topic.

Nuetron

  • Apprentice
  • *
  • Date Registered: May 2017
  • Posts: 2
I just downloaded the main package from win10se.cwcodes.net/Compressed/Win10PE_SE_2017-02-02.zip and extracted it, and was notified by Webroot that it had the below programs listed as malware:

Threat List:
AU3361.EXE, W32.Autoit, ?:\images\win10pe_se_2017-02-02\projects\tools\win10pese\x86\,   
AU3361.EXE, W32.Autoit, ?:\images\win10pe_se_2017-02-02\projects\tools\win10pese\x64\, 
AU3381.EXE, W32.Worm.Skypee, ?:\images\win10pe_se_2017-02-02\projects\tools\win10pese\x86\,   

Can anyone explain why it would have this result? :confused:

Nuetron

  • Apprentice
  • *
  • Date Registered: May 2017
  • Posts: 2
I mean, what would be in those EXEs that Webroot would classify as malware?

Galapo

  • Gena Baker
  • Grand Chef
  • *****
  • Location: Australia
  • Date Registered: Sep 2010
  • Posts: 1958
Can anyone explain why it would have this result?

Yep. Your AV is overly agressive and issuing a false-positive. To avoid this you will need to report the file to your AV provider.

The files are just the AutoIt executables. You can verify their hash file against that from AutoIt.

Regards,
Galapo.

 

Powered by EzPortal