Mobileread
trojan in 5.10.1
#1  varis1 01-22-2021, 01:41 PM
my visrsscanner found a signatur TR/Crypt.XPACK.Gen in the downloaded 5.10.1 from the calibr homepage.

why????

https://mobileread.cdn.speedyrails.net/i/smilies/frown.gif

#2  cvkemp 01-22-2021, 02:15 PM
are you using windows or macOS. I am using the MacOS and I haven't got the trojan. My AV scans the downloads, as well as the install of the program.

#3  varis1 01-22-2021, 02:17 PM
the trojan ist in the files calibre.exe, ebook-viewer.exe, ebook-edit.exe and lrfviewer.exe

#4  varis1 01-22-2021, 02:20 PM
its win 10, the file calibre.exe, ebook-viewer.exe, lrfviewer.exe and ebook-edit-exe, the scanner is avira pro

#5  cvkemp 01-22-2021, 02:26 PM
No issues with MacOS version of calibre. I just did a rescan of the whole system

#6  theducks 01-22-2021, 02:29 PM
If you used the official site: Can you say FALSE POSITIVE? (might be time to ditch that A/V package)

If you used other sites to get your download, who knows what tampering was done

#7  ownedbycats 01-22-2021, 02:43 PM
Assuming that you downloaded Calibre from the official website, could be that F-Secure is using heuristic scanning.

It's a bit of a double-edged sword that. It can catch malware that hasn't been identified yet (or has been modified so that trying to fingerprint it doesn't work), but depending on how sensitive it is you can get a lot of false positives of legitimate software doing 'suspicious' behaviour.

#8  JSWolf 01-22-2021, 06:35 PM
Quote varis1
its win 10, the file calibre.exe, ebook-viewer.exe, lrfviewer.exe and ebook-edit-exe, the scanner is avira pro
Delete Avira Pro. It's worthless. Run Windows Security instead as it works much better. Any AV that thinks Calibre is infected when direct downloaded from the Calibre website is not a good idea to use.

#9  ownedbycats 01-22-2021, 06:53 PM
Quote varis1
its win 10, the file calibre.exe, ebook-viewer.exe, lrfviewer.exe and ebook-edit-exe, the scanner is avira pro
calibre.exe: https://www.virustotal.com/gui/file/e545848653bedc8e5fda25892d53cca3c9823bd3237a8ec8a7 b4fd5e11ab722e/detection

ebook-viewer.exe: https://www.virustotal.com/gui/file/1c61361a35d089aadb09a4e6ef72dac28b4b95a895359eafe8 47d9b3ba6e1955/detection

ebook-edit.exe: https://www.virustotal.com/gui/file/835fd8a8adc4420430d757e5eb57be06441e3e23de3bd17e91 1c8fd758db93b0/detection

lrfviewer.exe: https://www.virustotal.com/gui/file/29fd6ff84353719bfbf68e4b741775b4295e5480749368c8f8 9e614f158488c5/detection

#10  DNSB 01-22-2021, 07:16 PM
Never mind. Ownedbycats beat me to it.

  Next »  Last »  (1/8)
Today's Posts | Search this Thread | Login | Register