rlottie icon indicating copy to clipboard operation
rlottie copied to clipboard
verified publisher icon Samsung

ClamAV reports viruses found from rlottie's source

Open juippis opened this issue 3 years ago • 1 comments

Hey,

when doing a scan with latest clamav, https://www.clamav.net/ against rlotties sources, it detects "Keyloggers".

----------- SCAN SUMMARY ----------- Known viruses: 8639436 Engine version: 0.105.1 Scanned directories: 43 Scanned files: 341 Infected files: 2 Data scanned: 44.32 MB Data read: 23.65 MB (ratio 1.87:1) Time: 11.913 sec (0 m 11 s) Start Date: 2022:10:09 10:24:55 End Date: 2022:10:09 10:25:06

Scanning /tmp/rlottie/example/win32Player/rlottie.dll /tmp/rlottie/example/win32Player/rlottie.dll: Win.Keylogger.Generic-9973679-0 FOUND

Scanning /tmp/rlottie/example/win32Player/rlottiePlayer.exe /tmp/rlottie/example/win32Player/rlottiePlayer.exe: Win.Keylogger.Generic-9973679-0 FOUND

As I believe it may be a false positive, you may want to report it to ClamAV via https://www.clamav.net/contact

juippis avatar Oct 09 '22 10:10 juippis

rlotties sources .dll

:clown_face:

That is definitely a false positive. Because the code in this Git repository can't read keystrokes. It receives input through file or variable in the main memory.

mymedia2 avatar Oct 09 '22 11:10 mymedia2