Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. General talk
  3. Brainstorm
  4. qwebp.dll malware Variant.Adware.Kazy.795337
Forum Updated to NodeBB v4.3 + New Features

qwebp.dll malware Variant.Adware.Kazy.795337

Scheduled Pinned Locked Moved Unsolved Brainstorm
4 Posts 3 Posters 1.0k Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L Offline
    L Offline
    ludek.vodicka
    wrote on last edited by ludek.vodicka
    #1

    Hi there,

    today we received info from one of our customer about this malware detection:

    Gen:Variant.Adware.Kazy.795337

    It's only inside the qwebp.dll file attached to our project by qtdeploy process.

    We're building Qt (5.13.2.0) from the source and the same issue is reported on the same DLL no matter where it was built:

    https://www.virustotal.com/gui/file/9f09c05803ad4ffcd99454c420a840e17549ee711690fb1f11fd1b59bccc3b23/detection

    https://www.virustotal.com/gui/file/80c4c747d781a27c72de71c0900ccc045aefd2b4e4f17c949aaeeb3d0b7973b1/detection

    When I scanned the older version (5.13.0.0) everything is ok:

    Previous versions seems to be clean: https://www.virustotal.com/gui/file/b7b7cacaef0e76439ef8c367c401524e93dfa00c9ca67a20290e829fec325a5a/detection

    Any idea what can cause this? Can anyone else please try to scan this file?

    Thanks

    Edit:
    It's compiled with latest VS2019 in 32-bit . It seems that VS2017 doesn't do that.

    1 Reply Last reply
    0
    • SGaistS Offline
      SGaistS Offline
      SGaist
      Lifetime Qt Champion
      wrote on last edited by
      #2

      Hi,

      It might be a false positive. You should contact them to see what it turns out to be.

      Interested in AI ? www.idiap.ch
      Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

      1 Reply Last reply
      0
      • L Offline
        L Offline
        ludek.vodicka
        wrote on last edited by
        #3

        I believe it is a false positive. We already scanned all our build machines with the very same result. Only this one file is identified as a threat.

        But who you think to contact? These AV companies?

        Thanks

        aha_1980A 1 Reply Last reply
        0
        • L ludek.vodicka

          I believe it is a false positive. We already scanned all our build machines with the very same result. Only this one file is identified as a threat.

          But who you think to contact? These AV companies?

          Thanks

          aha_1980A Offline
          aha_1980A Offline
          aha_1980
          Lifetime Qt Champion
          wrote on last edited by
          #4

          Hi @ludek-vodicka,

          But who you think to contact? These AV companies?

          Yeah, these are the only ones that can update their whitelists.

          Regards

          Qt has to stay free or it will die.

          1 Reply Last reply
          0

          • Login
          • Login or register to search.
          • First post
            Last post
          0
          • Categories
          • Recent
          • Tags
          • Popular
          • Users
          • Groups
          • Search
          • Get Qt Extensions
          • Unsolved