Thread: trojan in 5.10.1
View Single Post
Old 01-23-2021, 09:44 PM   #42
kovidgoyal
creator of calibre
kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.
 
kovidgoyal's Avatar
 
Posts: 45,389
Karma: 27756918
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
Quote:
Originally Posted by ownedbycats View Post
I wonder, though, what change was made so at least two antiviruses are flagging it.

VirusTotal notes that calibre.exe does write to a file inside of the Windows folder (udhisapi.dll, universal plug & play), which may be seen as a red flag. But I think older versions did this too.

Executable compression, perhaps? Antiviruses also like to complain about that as they're often used by bad actors.
No version of calibre including the present one has ever touched any files in any windows system folder. In fact I dont even know what udhisapi.dll is. And grepping the calibre source ode for it shows no references whatsoever.
kovidgoyal is offline