Thread: trojan in 5.10.1
View Single Post
Old 01-23-2021, 03:56 PM   #28
BetterRed
null operator (he/him)
BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.
 
Posts: 21,800
Karma: 30237628
Join Date: Mar 2012
Location: Sydney Australia
Device: none
Quote:
Originally Posted by ownedbycats View Post
I wonder, though, what change was made so at least two antiviruses are flagging it.

VirusTotal notes that calibre.exe does write to a file inside of the Windows folder (udhisapi.dll, universal plug & play), which may be seen as a red flag. But I think older versions did this too.
Really, did they say which udhisapi.dll, the one in System32 or SysWOW64?

Click image for larger version Name: Screenshot 2021-01-24 073959.jpg Views: 198 Size: 511.5 KB ID: 184901

I just installed calibre 5.10.1 and neither appears to have changed. My records show I installed Windows security update (KB4577266} on 2020-09-09 which is the date the udhisapi.dll files were last updated.

BR
BetterRed is offline