IS ahk 2.0 a virus?
IS ahk 2.0 a virus?
So i was going to download ahk 2.0.2 but i first searched it through virustotal and it appeared as this:
- Attachments
-
- image.png (76 KiB) Viewed 3209 times
Re: IS ahk 2.0 a virus?
Likely not, if you got your download from our official page or the official github download.
Unfortunately, bad actors also like AHK, and sometimes they use it for malicious things - and antivirus vendors are not all the sharpest tools in the shed; many of their heuristics don't differentiate very well. Especially newly released versions get regularly false positives; by submitting the files in question to the AV vendors, you can help to reduce those.
Please have a look here: https://www.autohotkey.com/docs/v2/FAQ.htm#Virus
And here: https://www.autohotkey.com/boards/viewtopic.php?f=17&t=62266
If you are so inclined, and tech-savy, you could even look at the open source code and compile it yourself...
Unfortunately, bad actors also like AHK, and sometimes they use it for malicious things - and antivirus vendors are not all the sharpest tools in the shed; many of their heuristics don't differentiate very well. Especially newly released versions get regularly false positives; by submitting the files in question to the AV vendors, you can help to reduce those.
Please have a look here: https://www.autohotkey.com/docs/v2/FAQ.htm#Virus
And here: https://www.autohotkey.com/boards/viewtopic.php?f=17&t=62266
If you are so inclined, and tech-savy, you could even look at the open source code and compile it yourself...
Re: IS ahk 2.0 a virus?
You could also compare the SHA256 file hashes in order to verify your downlaod:
The one on your virustotal screenshot seems to match the one you can find on the official github release for the 'setup' version:
https://github.com/AutoHotkey/AutoHotkey/releases
The one on your virustotal screenshot seems to match the one you can find on the official github release for the 'setup' version:
https://github.com/AutoHotkey/AutoHotkey/releases
Re: IS ahk 2.0 a virus?
it is the setup version but why does virustotal say theres a trojan?
Re: IS ahk 2.0 a virus?
Like I mentioned above, some AV vendors use rather lazy heuristics and confuse our download with maliciously modified versions - it's called a false positive, you might know that concept from Covid or pregnancy tests. Also, AHK is an interpreted language, even compiled - every exe-file, you or someone else compiles with AHK will contain certain identical parts. That's why an actual trojan might look too similar for the more simplistic AV heuristics, although it is completely harmless and the original download.
Re: IS ahk 2.0 a virus?
10% false detection rate is about right... sadly many antiviruses try to err on the side of "safety" (read you have to pay hefty sums to digitally sign your exe with "trust" authorities and stuff like that which would lower the possibility of being flagged)
So if they don't really know the program, or their heuristics is not good enough they rather flag it. Its annoying but AHK is not the only one that has this issue.
So if they don't really know the program, or their heuristics is not good enough they rather flag it. Its annoying but AHK is not the only one that has this issue.
Projects:
AHK-ToolKit
AHK-ToolKit
Re: IS ahk 2.0 a virus?
VirusTotal says yes
plz report as false-positive