AutoHotkey Community

JoeWinograd wrote:I don't know if anything was done in 1.1.23.05 to address this issue specifically,

No, but

v1.1.23.04
Fixed LV_Modify to support omitting Options, as in LV_Modify(r,, col1).
Changed the installer back to the standard 7-zip self-extractor (7zS2.sfx v9.20). It has less useful error reporting in the event of failure but also less antivirus false positives.
https://autohotkey.com/boards/viewtopic ... 24&t=13085

Thanks for posting that, Steve — very interesting! Regards, Joe

I just downloaded 1.1.23.06, both the U32 AutoHotkey.exe and the AutoHotkey112306_Install.exe installer. Scanned both with MBAM and MSE (W7) — both clean! Here are hashes for the U32 EXE:

CRC32(SFV): 9F0FC8A0
MD5: 01df23072ec4ea0175c4916200508841
SHA1: 536f9638c8befb8c466aac23a8bfaa7f1b1613b6
SHA256: 9284b1906c2eb0cbe2f67dd75527524cb4a8f2f974bd00fc846912657eeecbe4
SHA512: 81f26eb79e5fb79e40287f1a101eed3399f606e840f6bab2f60a9a36567d7ec4937f86d5e198faf7981bf068d4e972a7621d0e0514126288d9d809370363af19

Here are the hashes for the installer EXE:

CRC32(SFV): 70E75706
MD5: 7abbc15f434d9611505e7058a4c932a9
SHA1: afc0d0f02ad9d984ad52b90dab6fbc894283893f
SHA256: a58efff6bb1ad34b12cdd95991c084045efed6439f5bd2b96d08af893aadb9cc
SHA512: 119349e212763e82f1d6a901f78e620b984587104eb3302c21011f63a4da09501bb30acb85e67cc07f0ac885018248b1caac1943151947446914c0f24a17f482

Regards, Joe

Sorry to bump an old thread that very well might have a resolution, but I couldn't seem to find one. Just did a fresh install of AHK on a new Windows 10 Pro machine and Windows Defender won't leave me alone about this. I keep trying to take it out of Quarantine, but it puts it right back in there. Was there a fix for this? I tried to us Lexikos' installer he referenced here: https://autohotkey.com/boards/viewtopic ... 24&t=13085 -- but still having the same issue. Anyone have any thoughts/ideas?

version info?
mine: Sorry about it being french :b

A work-around was recently posted here:
https://autohotkey.com/boards/viewtopic.php?f=5&t=21328
Regards, Joe

This is an curious issue with the AutoHotkey.zip for updating to 1.1.24.04. (There's absolutely no problem with the installer for that version.)

Open the zip with 7z 16.04 64bit, select the files in the package bar the compiler folder and extract to \Program Files\AutoHotkey: works.
Navigate to the compiler folder and attempt to extract all files in there to anywhere: not working- (copy dialog bombs without an exception.)
However, selecting everything and extracting to \Program Files\AutoHotkey works!

Hi,

I got "Trojan.Gen.8 (https://us.norton.com/security_response ... 08-2853-99)" from Norton Security Suite on AHK2EXE today when updating AHK to v1.1.25.01 via the ninite.com updater. Norton seems to have deleted the file and I don't see a way to restore it to get checksums or other information.

Regards,
Swampy

I tried downgrading AHK using the prior installer (v1.1.25.00) on this site and then checking for updates in the ninite.com updater, and it found and updated AHK, but the updated version did not have the Compiler folder. So I downloaded the v1.1.25.01 .zip and copied the Compiler folder from that to the AHK folder. I was able to run it.

CRC of the new file:
I still don't see a way to find/get the CRC of the blocked file. Sorry if this is not enough information to help.

Regards,
Swampy

swampy wrote:Hi,

I got "Trojan.Gen.8 (https://us.norton.com/security_response ... 08-2853-99)" from Norton Security Suite on AHK2EXE today when updating AHK to v1.1.25.01 via the ninite.com updater. Norton seems to have deleted the file and I don't see a way to restore it to get checksums or other information.

Regards,
Swampy

As long as it's a false positive I am fine with it.

Double-check for hashes, most probably a false positive

it showed one in my installer to, but im here to say for a fact that AHK is definitely not a virus it's 100% safe.

I use AHK for CS:GO all the time and never have had any problems.

A real virus would make your computer where you couldn't do hardly anything at all on it.

I had an older version on a different computer that came back clean, but in downloading the most recent version I am getting Trojan warnings from VT. Any ideas why?

https://www.virustotal.com/#/file/ce970 ... /detection

The newest version often causes false positives. After some time, it is sorted out.

How do I know if it's a false positive or something has gone wrong with the code and it's compromised?

Well, the safest way: Download the source code, study it and compile it yourself.
If that is not an option for you (which I assume), either use an older version (https://autohotkey.com/download/1.1/) or believe in AHK. Of course, a hack can never 100 % ruled out - but that is true for every application and every website - but then old versions could also be affected. We have had false positives for nearly every version - in the end, they were all ok.
I just compared the exe-installer from just now (look above) with the one I downloaded and used since 4 weeks ago (atm 4 positives) - shortly after version 1.1.28 came out. It still creates the same hash on VirusTotal and hasn't shown suspicious behaviour in this time - it was also ok with my virus scanner.
But in the end - it is your decision. Just use common sense and an up-to-date system (and don't download AHK from dubious sources).

thanks