Quote:
Originally Posted by thiago.eec
Hi, DNSB.
I just downloaded calibre portable from calibre-ebook.com. I scanned calibre portable installer (calibre-portable-installer-4.99.4.exe, beta, 94.3MB) and it came clean.
Then, I installed it and scanned just the executable (calibre-portable.exe, 152KB). Now it is detected by VirusTotal (and my local antivirus, BitDefender).
I ran a system scan and it found nothing else.
Could you please check if your calibre-portable executable (152KB) is detected by VirusTotal (or other AV)?
|
I get the 16 detections on VirusTotal for the 4.9.1 calibre-portable.exe file.
When I analyze it running in a VM, I do not find any files being written in unexpected locations, no unexpected registry changes, etc. I did get a warning about the launching of executables but that's the whole purpose in life of calibre-portable.exe.
OTOH, some viruses detect when they are running in a VM and do not launch the malicious payload.
On yet another hand, you could always compile calibre-portable.exe yourself and see what VirusTotal, etc. complain about. Though that can be fun--when I played with it, I ran a Linux VM and then ran the VM needed for the Windows compile inside that. To put it gently, it was rather slow.
