Thread: trojan in 5.10.1
View Single Post
Old 01-23-2021, 01:50 PM   #24
theducks
Well trained by Cats
theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.
 
theducks's Avatar
 
Posts: 31,156
Karma: 60406498
Join Date: Aug 2009
Location: The Central Coast of California
Device: Kobo Libra2,Kobo Aura2v1, K4NT(Fixed: New Bat.), Galaxy Tab A
Quote:
Originally Posted by ownedbycats View Post
I wonder, though, what change was made so at least two antiviruses are flagging it.

VirusTotal notes that calibre.exe does write to a file inside of the Windows folder (udhisapi.dll, universal plug & play), which may be seen as a red flag. But I think older versions did this too.

Executable compression, perhaps? Antiviruses also like to complain about that as they're often used by bad actors.
There are fingerprints that the AV community use. somehow there is a match to some part (module) that is common in the open software community.
theducks is offline