I always run any exe I install through www.virustotal.com.
Before, you used to get 1-2 virus checkers say AHK was a virus.
I ran the latest version just now, now 5 say it's a virus.
Yes, yes, a false positive.
1 or 2, I'm OK with.
5? Hmm... ANY other program I will NOT install
Normally, if 1 or 2, at least one of those is a Chinese virus checker.
Any comments?
5 virus programs say AHK is a virus?
-
AHKStudent
- Posts: 1472
- Joined: 05 May 2018, 12:23
Re: 5 virus programs say AHK is a virus?
Is it the ahk program itself or a program you built with ahk?omar wrote: ↑17 Feb 2019, 17:31I always run any exe I install through www.virustotal.com.
Before, you used to get 1-2 virus checkers say AHK was a virus.
I ran the latest version just now, now 5 say it's a virus.
Yes, yes, a false positive.
1 or 2, I'm OK with.
5? Hmm... ANY other program I will NOT install
Normally, if 1 or 2, at least one of those is a Chinese virus checker.
Any comments?
Re: 5 virus programs say AHK is a virus?
Well, what do you want to here ? Obviously, comments/discussions every few months in this forum didn't change much over the last 15 years about the ways AV companies operate.
But after some time, the number of false positives for each version usually goes down... you can help by sending them the file in question to review.
(Also it seems, AHK was a favourite of malware script kiddies recently. Compare https://www.bleepingcomputer.com/news/security/autohotkey-malware-is-now-a-thing/ )
btw, AHK is not the only software having problems with false positives:
https://weblog.west-wind.com/posts/2016/Oct/05/Dealing-with-AntiVirus-False-Positives
https://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/
But after some time, the number of false positives for each version usually goes down... you can help by sending them the file in question to review.
(Also it seems, AHK was a favourite of malware script kiddies recently. Compare https://www.bleepingcomputer.com/news/security/autohotkey-malware-is-now-a-thing/ )
btw, AHK is not the only software having problems with false positives:
https://weblog.west-wind.com/posts/2016/Oct/05/Dealing-with-AntiVirus-False-Positives
https://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/
Re: 5 virus programs say AHK is a virus?
This is a custom compilation of autohotkey with only a few things changed for reference.
https://www.virustotal.com/#/file/0d64e12013cd4da11d8db96aea58dd6087e578f85617a4d076c427dde8b51b78/detection
Fuck cylance and whomever made that piece of shit detection algorithm.
https://www.virustotal.com/#/file/0d64e12013cd4da11d8db96aea58dd6087e578f85617a4d076c427dde8b51b78/detection
Fuck cylance and whomever made that piece of shit detection algorithm.
Re: 5 virus programs say AHK is a virus?
oh comeon ffs, everybody knows ahk isnt a virus! its a worm, heres a documentary i found about lexikos: https://youtu.be/bcAACOrgVKE?t=61
Re: 5 virus programs say AHK is a virus?
@coffee how do i make my own compilation? where do i get source files?
i didn't realise ahk was open source and you could compile?
@swagfag is that a young angelina jolie? she does look young there.
@AHKStudent i scanned the default install, the latest one just downloaded
i didn't realise ahk was open source and you could compile?
@swagfag is that a young angelina jolie? she does look young there.
@AHKStudent i scanned the default install, the latest one just downloaded
Re: 5 virus programs say AHK is a virus?
I just scanned the 32 and 64 bit Unicode Autohotkey.exe files of the latest version 1.1.30.1 with virustotal and I got 0 and 1 (in this case: Jiangmin) detections:
https://www.virustotal.com/#/file/bc76e0b0fd4211bc6f49b17bc87c064f7d4bd9472c8287f9da668d19dfb23c31/detection
https://www.virustotal.com/#/file/967dba8d919693febf96fde4877e7f08077630f886d4e77b778855d998c073c2/detection
Re: 5 virus programs say AHK is a virus?
This is a version of lexikos i can get behind ( ͡° ͜ʖ ͡°), v3.0 B̗̈͠E̖̬͈̜͕̱T͐̋͆ͣ̏͏̣̮͚Ȃ͇̳̥̻̅ͣͥ̔̃͂swagfag wrote: ↑17 Feb 2019, 18:31oh comeon ffs, everybody knows ahk isnt a virus! its a worm, heres a documentary i found about lexikos: https://youtu.be/bcAACOrgVKE?t=61
But more importantly, official autohotkey year 2519 imagewear
Re: 5 virus programs say AHK is a virus?
@omar AutoHotkeys source is available at GitHub.com:
https://github.com/Lexikos/AutoHotkey_L
https://github.com/Lexikos/AutoHotkey_L
Recommends AHK Studio
Re: 5 virus programs say AHK is a virus?
@gregster
So I downloaded the default installer: AutoHotkey_1.1.30.01_setup.exe
I get 5 red flags: https://www.virustotal.com/#/file/566eecbfee64e12d5cda0005a0e8e8812cfcee79e8956fa84ab15acad21cfe55/detection
When I download the zip file, I get 7 red flags: AutoHotkey_1.1.30.01.zip
https://www.virustotal.com/#/file/1096575ed518365a4f19c6d1ea86e088de8b29f9e0923aa3ca3a800487363d58/detection
Your 2 results are for:
AutoHotkey.exe, file size 1.13MB
AutoHotkey (no suffixe), file size 875KB.
What are you scanning? The files I'm scanning are 3.32MB (AutoHotkey_1.1.30.01_setup.exe) and 4.64MB (AutoHotkey_1.1.30.01.zip).
What am I doing wrong that you are doing right?
Jokes aside. A new person coming to AHK. If I got this amount of red flags, I simply wouldn't use. Am I the only one who's concerned?
So I downloaded the default installer: AutoHotkey_1.1.30.01_setup.exe
I get 5 red flags: https://www.virustotal.com/#/file/566eecbfee64e12d5cda0005a0e8e8812cfcee79e8956fa84ab15acad21cfe55/detection
When I download the zip file, I get 7 red flags: AutoHotkey_1.1.30.01.zip
https://www.virustotal.com/#/file/1096575ed518365a4f19c6d1ea86e088de8b29f9e0923aa3ca3a800487363d58/detection
Your 2 results are for:
AutoHotkey.exe, file size 1.13MB
AutoHotkey (no suffixe), file size 875KB.
What are you scanning? The files I'm scanning are 3.32MB (AutoHotkey_1.1.30.01_setup.exe) and 4.64MB (AutoHotkey_1.1.30.01.zip).
What am I doing wrong that you are doing right?
Jokes aside. A new person coming to AHK. If I got this amount of red flags, I simply wouldn't use. Am I the only one who's concerned?
Re: 5 virus programs say AHK is a virus?
I only scanned the Autohotkey.exe-files (Unicode 32 and 64 bit). After all, they are the important parts.
But if you read about the experiences that programmers have with false positives, you will find that there seems to be no real logic behind their occurrences... so different results with the installer or zip package don't really surprise me.
I prefer not fret about things I personally have no influence on... (there are still exceptions to that rule, but this is not it)
But if you read about the experiences that programmers have with false positives, you will find that there seems to be no real logic behind their occurrences... so different results with the installer or zip package don't really surprise me.
https://weblog.west-wind.com/posts/2016/Oct/05/Dealing-with-AntiVirus-False-Positives wrote:MADNESS!
In summary - on its own the Exe is fine. On its own the installer minus EXE is fine. The full distribution zipped up plain without the installer is also fine. All fine, but the combination of installer plus my EXE results in multiple AV hits.
Yup that makes perfect sense. NOT!
This really makes you wonder how much faith you should have in these anti-virus solutions. If the individual parts are clean but the combined parts trigger, something is seriously amiss in the detection process. Further if you look at the original screen shot of the AV hits, every vendor seems to be triggering on a completely different threat. Again how should this be possible if individually the files are fine, but packaged they are not? How reliable is this stuff really?
Code: Select all
Am I the only one who's concerned?
Last edited by gregster on 19 Feb 2019, 10:56, edited 1 time in total.
-
AHKStudent
- Posts: 1472
- Joined: 05 May 2018, 12:23
Re: 5 virus programs say AHK is a virus?
For yourself you know its not a virus and for a person you give it to they know you so it should be fine.omar wrote: ↑19 Feb 2019, 10:29@gregster
So I downloaded the default installer: AutoHotkey_1.1.30.01_setup.exe
I get 5 red flags: https://www.virustotal.com/#/file/566eecbfee64e12d5cda0005a0e8e8812cfcee79e8956fa84ab15acad21cfe55/detection
When I download the zip file, I get 7 red flags: AutoHotkey_1.1.30.01.zip
https://www.virustotal.com/#/file/1096575ed518365a4f19c6d1ea86e088de8b29f9e0923aa3ca3a800487363d58/detection
Your 2 results are for:
AutoHotkey.exe, file size 1.13MB
AutoHotkey (no suffixe), file size 875KB.
What are you scanning? The files I'm scanning are 3.32MB (AutoHotkey_1.1.30.01_setup.exe) and 4.64MB (AutoHotkey_1.1.30.01.zip).
What am I doing wrong that you are doing right?
Jokes aside. A new person coming to AHK. If I got this amount of red flags, I simply wouldn't use. Am I the only one who's concerned?
You do have many people uninstalling their AV or getting so used to false positives that it no longer matters