jonaskohl / CapsLockIndicator

A small utility that indicates the state of the Num lock, Caps lock and Scroll lock key.
https://cli.jonaskohl.de/
Apache License 2.0

AVAST detects it as infected by IDP.HEUR.23 #71

Closed LaurentGrenet closed 2 years ago

LaurentGrenet commented 3 years ago

I would bet it is a "false positive", but any comment from the author would be welcome on this point! Thanks in advance.

woolyss commented 3 years ago

This is a false positive:

https://www.virustotal.com/gui/file/057d1b445ee36e48ca27beca0156d1e910f48305f692edd8380c26b8baa898ed/detection
https://virusscan.jotti.org/en-US/filescanjob/7qvmq5r8nk
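A scan report only vouches for the exact bytes that were uploaded, so it is worth confirming that the file you downloaded is the one the report covers. The following is an added example, not part of the thread or the project's code: it pulls the SHA-256 out of the VirusTotal link posted above and compares it with the hash of a local file, whose path is supplied by the user.

```python
import hashlib
import hmac
import re
import sys
from urllib.parse import urlparse

# VirusTotal report URL as posted in the thread.
VT_URL = ("https://www.virustotal.com/gui/file/"
          "057d1b445ee36e48ca27beca0156d1e910f48305f692edd8380c26b8baa898ed/detection")

def sha256_from_vt_url(url):
    """Return the lowercase SHA-256 embedded in a /gui/file/<hash> report URL."""
    parsed = urlparse(url)
    if parsed.scheme != "https" or parsed.hostname not in ("www.virustotal.com", "virustotal.com"):
        raise ValueError("not an https VirusTotal URL")
    match = re.fullmatch(r"/gui/file/([0-9a-fA-F]{64})(?:/[a-z-]*)?", parsed.path)
    if not match:
        raise ValueError("URL path does not contain a SHA-256 file hash")
    return match.group(1).lower()

def sha256_of_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large installers do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()

def report_matches_file(url, path):
    """True only if the report at `url` was produced for exactly this file."""
    return hmac.compare_digest(sha256_from_vt_url(url), sha256_of_file(path))

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_report.py <path-to-downloaded-file>")
    local_path = sys.argv[1]
    if report_matches_file(VT_URL, local_path):
        print("OK: local file is the one the report covers")
    else:
        print("MISMATCH: the report was produced for a different file")
        print("  report:", sha256_from_vt_url(VT_URL))
        print("  local: ", sha256_of_file(local_path))
        sys.exit(1)
```

A mismatch does not by itself mean the file is malicious; it means the linked report says nothing about it, for example because it belongs to a different release.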

LaurentGrenet commented 3 years ago

I think (and I hope...) so (that it is a false positive).

But what I can see with Avast is that Avast does not detect it in a "static" analysis (i.e. analysing the exe file "statically"), but only thanks to its "heuristic" dynamic detection at run time, due to a "suspect" (at least from Avast's standpoint...) behaviour.

As a result, the fact that VirusTotal (which is ONLY made of static analysis, including the one done with Avast) considers the file as safe is not surprising. I would even say that it is "expected".

So, I repeat my question (mainly addressed to Jonas):

I'm not really worried, but I think it would definitely reassure everyone to have these questions answered.

vertigo220 commented 3 years ago

For starters, currently Avast isn't flagging it, and now only SecureAgeAPEX is (and I've noticed that one flags almost everything, so it doesn't seem to be a very good scanner). Generally speaking, though obviously this isn't 100%, items from GitHub are going to be safe because the code is open-source, posted for all to see and review. Also generally speaking, if a few scanners flag something on VT but most don't, it's probably safe, and the ones flagging it are most likely false positives. There are also certain scanners I trust more than others.

As for why Avast flagged it, probably because it's performing suspicious activities like monitoring the keyboard, which of course it would do, since that's its job.

jonaskohl commented 3 years ago

This is definitely a false positive! All releases of CapsLock Indicator are virus-free. If you don't trust the precompiled binaries, you can also compile the binaries yourself; all you need is Visual Studio and .NET SDK 4.5.

jonaskohl commented 2 years ago

This question seems to be resolved, so I'll close this now.