ykon / w10wheel.net

Mouse Wheel Simulator
MIT License
104 stars 8 forks source link

w10wheel.net flagged as a malware in Avira AV #3

Closed jaepil-choi closed 4 years ago

jaepil-choi commented 4 years ago

Seems like the .exe file is detected as malware in Avira. (and probably in other antiviruses)

I'm concerned about potential security issues. It has been flagged as a Trojan so I just put it in exception list but that's obviously not a good thing to do security-wise.

Could you briefly explain how it works and what might be provoking these security issues?

ykon commented 4 years ago

This software uses mouse hooks and keyboard hooks to trigger scrolling. As a result, you may be warned that you are recording mouse movements and keyboard input. Actually, I think that if the executable file has a digital signature, you will not be warned, but it is not possible because it requires money.

If you are worried, check the actual code and build it in your own environment.

Hooks Overview
https://docs.microsoft.com/en-us/windows/win32/winmsg/about-hooks

VirusTotal https://www.virustotal.com/gui/file/1dbfab5a9c589d3962df1d185c1fcd41a2bdf3a3e24ce222b25cbab38f0af0ee/detection

2/67: 2 engines detected this file

jaepil-choi commented 4 years ago

I trust that the source code does not contain any malware. I was just worried about possible exploitation by 3rd parties. Thanks for the heads-up.