You are here

Clamwin detecting W32.Virut.Gen.D-148 in Portable Chrome

Submitted by PortaJohn on May 6, 2012 - 1:50pm

Im new to portableapps, but just installed clamwin and chrome and clamwin is saying

PortableApps\GoogleChromePortable\App\Chrome-bin\18.0.1025.168\chrome.dll: W32.Virut.Gen.D-148 FOUND

Is clamwin have a lot of false notices ?

Just updated my USB from a much older version of Portable Apps and thought I'd give the ClamWin AV a test.

It detected the very same file and description.

A Norton 2012 scan of the same file showed no infection.

Just curious.


Not older than dirt but I was there when dirt was new.

Ken Herbert's picture

Seeing as Chrome Portable is a widely used app I would expect a lot more people to report it if there really was a virus in it, and it would also be cleaned up quite quickly too.

The best bet is to always check the file out with VirusTotal before reporting it here.

VirusTotal will tell you how many of the popular virus engines detect malware in the file, and based on that it will give an indication of whether a real threat exists or if it is just a false positive.

the developer formerly known as winterblood

Ken Herbert's picture

Which version of Chrome Portable?

If it is 28.0.1500.95, the md5 does not match that of a freshly installed copy, so you have definitely picked up something nasty from somewhere.

Edit: Here are the results for a fresh install of the same file from 28.0.1500.95.

the developer formerly known as winterblood

John T. Haller's picture

That file was infected after the fact. It won't run (it has a built-in self check to alert you it has been altered) and, in theory, shouldn't start under Windows as the digital signature would now be wrong. Here's what the legitimate files scans as (100% clean):

Sometimes, the impossible can become possible, if you're awesome!