
Topic: AVG and MALA

protokatie

AVG and MALA
« on: July 17, 2008, 05:41:19 am »
Apparently, if anyone here has upgraded, AVG 8 (the free virus protection program) calls Mala (or more specifically, malakeyhook.dll) a spyware virus. Did I get a bad distro of Mala? Or is AVG at fault here?

As far as my new scan is for sure, ONLY malakeyhook.dll is the ONLY virus on my PC. (BTW, AVG calls it a potentially harmful program (class: logger)) Maybe this is because the DLL looks at the keyboard buffer directly? IDK, anyone have any insights? Just seems odd that AVG would have added a mala dll to their list of virii, unless it is simply looking for anything that hooks directly into the keyboard buffer (at the DLL level? What is AVG doing then? Decompiling the code???)
--- Yes I AM doing this on purpose, and yes I DO realize it is pissing you off.

---If my computers were cats, my place would look like an old widows house, with half of the cats having obvious health problems

youki

  • Atomic Front End Creator
Re: AVG and MALA
« Reply #1 on: July 17, 2008, 07:09:21 am »
MalaHook is not a virus. Don't worry.

loadman

  • Cocktail Cab owner and MaLa FE developer
Re: AVG and MALA
« Reply #2 on: July 17, 2008, 07:20:38 am »
Quote from youki: MalaHook is not a virus. Don't worry.

Youki is correct.  ;D

I think you only need it for Win 98/ME anyway.

Just delete that DLL if you want and Mala will work fine.

There is a note about this on the right page of the website download page

http://malafe.net/index.php?page=download

Ummon

Re: AVG and MALA
« Reply #3 on: July 17, 2008, 04:59:45 pm »
Yeah, AVG took it right out of the directory and I haven't missed it. But if you're worried, you can set 'exemptions'.
Yo. Chocolate.


"Theoretical physics has been the most successful and cost-effective in all of science."

Stephen Hawking


People often confuse expressed observations with complaint, ridicule, or - even worse - self-pity.

u_rebelscum

Re: AVG and MALA
« Reply #4 on: July 18, 2008, 12:27:49 pm »
Quote from protokatie: BTW, AVG calls it a potentially harmful program (class: logger)) Maybe this is because the DLL looks at the keyboard buffer directly? IDK, anyone have any insights? Just seems odd that AVG would have added a mala dll to their list of virii, unless it is simply looking for anything that hooks directly into the keyboard buffer (at the DLL level? What is AVG doing then? Decompiling the code???

You pretty much got it. Most antivirus programs check the binary and look for commands that match "suspicious" commands. Only thing not quite right is that no decompiling is needed to look for commands in DLLs; the "suspicious commands" are calls to the OS API that can be used to do suspicious stuff, and the API calls look the same in all DLLs.
Robin
Knowledge is Power

headkaze

Re: AVG and MALA
« Reply #5 on: July 18, 2008, 01:31:27 pm »
Yep, it's detecting the "virus" using heuristics rather than actual signatures from viruses. Since a keyhook would use APIs that would be common in keylogger apps, I would suspect that is why it's being detected as a virus.
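
Added example, not part of the thread and not AVG's actual logic: a minimal import-name heuristic of the kind described in replies #4 and #5, showing how a scanner can flag a keyboard-hook DLL from the API names stored in its import table without decompiling anything. The API names are real user32 exports; the weights, threshold, verdict strings and sample byte blobs are assumptions constructed for illustration, and the scan is a simplified byte search rather than a full PE parser.

```python
import struct

# Real user32.dll exports used for keyboard hooking or polling.
# Weights and threshold are assumptions for this example, not AVG's rules.
KEYBOARD_APIS = {
    b"SetWindowsHookExA": 3,
    b"SetWindowsHookExW": 3,
    b"GetAsyncKeyState": 2,
    b"GetKeyboardState": 2,
    b"CallNextHookEx": 1,
    b"UnhookWindowsHookEx": 1,
}
THRESHOLD = 4  # assumed cut-off for a "potentially harmful (logger)" verdict


def hint_name_table(names):
    """Build a constructed PE-style hint/name table: 2-byte hint, ASCII name, NUL."""
    blob = b""
    for hint, name in enumerate(names):
        entry = struct.pack("<H", hint) + name + b"\x00"
        blob += entry + b"\x00" * (len(entry) % 2)  # entries are 2-byte aligned
    return blob


def imported_keyboard_apis(data):
    """Return the watched API names that appear NUL-terminated in the raw bytes."""
    return sorted(n for n in KEYBOARD_APIS if n + b"\x00" in data)


def classify(data):
    """Score a binary on import names alone; no disassembly or decompiling."""
    hits = imported_keyboard_apis(data)
    score = sum(KEYBOARD_APIS[n] for n in hits)
    return score, ("flag: logger-like" if score >= THRESHOLD else "clean")


# Constructed samples (not real files): only the import names differ.
KEYHOOK_DLL = b"MZ" + b"\x90" * 64 + hint_name_table(
    [b"SetWindowsHookExA", b"CallNextHookEx", b"UnhookWindowsHookEx"])
GAME_EXE = b"MZ" + b"\x90" * 64 + hint_name_table(
    [b"GetAsyncKeyState", b"CreateFileA"])
TEXT_TOOL = b"MZ" + b"\x90" * 64 + hint_name_table(
    [b"CreateFileA", b"ReadFile", b"MessageBoxA"])

if __name__ == "__main__":
    for label, blob in [("keyhook dll", KEYHOOK_DLL), ("game exe", GAME_EXE),
                        ("text tool", TEXT_TOOL)]:
        print(label, imported_keyboard_apis(blob), classify(blob))
```

A legitimate frontend key hook and a keylogger import the same names, which is why a rule like this produces false positives that have to be handled with an exclusion or a vendor report.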