Get the new PortableApps.com Platform 12.0.5. Better, stronger, faster, and prettier. Download Now or Buy on a Flash Drive
Instant access to over 300 free and legal portable apps (over 9GB) including the new Solfege (Aug 30, 2014)
PortableApps.com needs your help: Please consider making a donation today

Clamwin detecting W32.Virut.Gen.D-148 in Portable Chrome

PortaJohn - May 6, 2012 - 1:50pm
Share on Facebook

Im new to portableapps, but just installed clamwin and chrome and clamwin is saying

PortableApps\GoogleChromePortable\App\Chrome-bin\18.0.1025.168\chrome.dll: W32.Virut.Gen.D-148 FOUND

Is clamwin have a lot of false notices ?


( categories: )

Same issue

Just updated my USB from a much older version of Portable Apps and thought I'd give the ClamWin AV a test.

It detected the very same file and description.

A Norton 2012 scan of the same file showed no infection.

Just curious.

OD

Not older than dirt but I was there when dirt was new.

Seeing as Chrome Portable is

Seeing as Chrome Portable is a widely used app I would expect a lot more people to report it if there really was a virus in it, and it would also be cleaned up quite quickly too.

The best bet is to always check the file out with VirusTotal before reporting it here.

VirusTotal will tell you how many of the popular virus engines detect malware in the file, and based on that it will give an indication of whether a real threat exists or if it is just a false positive.

It's not a bug, its a feature.

Ressurection

sorry for waking up old discussion
but I just got my portable apps cleaned by Microsoft Security Essential.

I just uploaded the exe to VirusTotal and here is the result

https://www.virustotal.com/en/file/02d4580d4a57ee4dcb1af68b6882bf2b7e538...

Definitely looks infected

Which version of Chrome Portable?

If it is 28.0.1500.95, the md5 does not match that of a freshly installed copy, so you have definitely picked up something nasty from somewhere.

Edit: Here are the results for a fresh install of the same file from 28.0.1500.95.

It's not a bug, its a feature.

Wouldn't Run

That file was infected after the fact. It won't run (it has a built-in self check to alert you it has been altered) and, in theory, shouldn't start under Windows as the digital signature would now be wrong. Here's what the legitimate files scans as (100% clean):
https://www.virustotal.com/en/file/3fbc81e380c2cf819525515f3d9c23c6d3c01...

Sometimes, the impossible can become possible, if you're awesome!