My antivirus found a virus into shotcut directory: False Positive?

What is your operating system?
Windows

What is your Shotcut version (see Help > About Shotcut)? Is it 32-bit?

20.10.31

Check image below … please advice
I feel could be a false positive … I wish so !

There are no viruses in Shotcut downloads provided through our web site. Read the claim made at the top of our download page: https://shotcut.org/download/

From where did you download Shotcut? We cannot control sites other than the ones we upload to and publish on that page. All of our files are scanned before upload and then scanned again by FossHub (one of the 2 download sites).

Look at the FossHub Shotcut page, which appears when you download through it: https://www.fosshub.com/Shotcut.html

It has virus scan results. Both download locations also publish file checksums so you can compare the file that appears on your system after downloaded was not tampered with. How do you know your computer did not implant the virus?

If you know anything about virus scanners, you know they are far from perfect and frequently mis-flag something.

Anyways, you can remove the flagged DLL; Shotcut does not need it.

2 Likes

I removed that frei0r plugin for the next version since it is not used and can scare people.

Our frei0r plugins (as well as MLT and Shotcut) are built every night from source in a new virtual machine that gets everything installed from either msys2 (also automated in the same manner) or built from source code. This file is then uploaded directly to Amazon S3. Then, for releases, the files are downloaded on a Linux machine, copied to a Windows machine where they are scanned using Microsoft Defender, and uploaded to GitHub from the Linux machine. Not that Linux is perfectly guarded against viruses, it is significantly lower risk. After uploading to GitHub, FossHub directly downloads from GitHub and does their virus scan.

2 Likes

I know this is a few days late, but maybe someone else will lookup for this info.

@shotcut already explained that FossHub checks each file for malware (viruses, trojans, worms, ransomware, etc.) We have integrated Jotti’s malware scan, which is a service that scans each file with several anti-virus programs.

Like anyone else, we are also careful when a new Shotcut version is being published (this applies to all the software available on FossHub). Sometimes, we need to scan the files manually, for example, if the file is larger than 250 MB. We want to make sure that each file we’re serving is 100% safe.

We also consider various scenarios when the original author can get compromised, and the attackers might attempt to deliver ransomware. We managed to prevent this before, so just in case you’re wondering how safe is FossHub, you can read more about it here: https://blog.fosshub.com/how-safe-is-fosshub/

Finally, I will repeat what @shotcut already said. Check the file signatures from FossHub and Shotcut. If they match, then you’re good.

Otherwise, if you get an alert from your antivirus, it could be a false positive, but to be safe, run a few anti-malware tools to eliminate any doubt. We have a small collection here: https://www.fosshub.com/Anti-Malware.html

I hope this helps!

2 Likes