Home » Forums » Support Forums » PuTTY Portable

False Positives with McAfee?

Cheetah's picture
Submitted by Cheetah on October 26, 2007 - 10:32pm

Is anyone else getting what I presume is a false positive hit for "Generic StartPage.r" on %TEMP%\nsvXXX.tmp\registry.dll when opening and closing PuTTY Portable? This appears to have just shown up for me in today's McAfee update (5150/October 26th 2007).

‹ PuTTY Connection Manager A bug and a brief instructions to use with Putty Agent with a little coding newbie guide. ›

»
( categories: )

Yea

jwyanze's picture
jwyanze (Homepage) - October 26, 2007 - 10:41pm

there is ah next post on it to its todays update. And it appairs with any portable app it seems because it happen with me on countless times. Tell McAfee bout the BS they doing.

Never curse the alligator till you done cross the bridge. ;)

More False Positives

Tim Clark's picture
Tim Clark - October 26, 2007 - 10:43pm

This is likely a false positive.

It has been happening with FFP and TBP as well.

Be assured that Official PortableApps.com programs are virus free.
Sometimes some of the things the apps need to do "look" suspicious to some antimalware programs and they need to be updated. Unfortunately, this happens more often than it should :(

Please read the following 2 threads:
http://portableapps.com/node/9825
http://portableapps.com/node/9834

and now:
http://portableapps.com/node/9837

Hopefully McAfee [and AVG] will get the message and update soon,
we hope Sad

"The Wheels of John grind slowly, yet they grind exceedingly small" ;)

John's Report...

Caehan's picture
Caehan - October 27, 2007 - 5:25pm

http://portableapps.com/node/9846

...But the gift of God is eternal life through Christ. Romans 6:23

MD5

cwinebrinner - January 16, 2008 - 2:47am

The PortableApps version claims to be version 0.60, but if you compare the MD5 checksum of the internal putty.exe file at \PortableApps\PuTTYPortable\App\putty\putty.exe with the expected MD5 found here: http://the.earth.li/~sgtatham/putty/0.60/md5sums , they are not the same. I'm suspicious to say the least.

UPX

John T. Haller's picture
John T. Haller (Homepage) - January 16, 2008 - 2:50am

That's due to UPX compression, which shrinks an EXE to save space (and is unrelated to the false positive above which McAfee has since corrected on their end). It's an open source (GPLed) utility. You can UNUPX the EXE yourself and it'll match the official MD5 sum again. UPX homepage

Live with purpose.

Wow...

cwinebrinner - January 16, 2008 - 2:51am

... lightning fast response. Thanks for the clarification.

...

RMB Fixed - January 16, 2008 - 8:18pm

So, have you switched on file-size displaying yet ? :)

RSS FeedFirefox 2 Copyright 2005-2008 Rare Ideas, LLC.  |  Developed by Rare Ideas, LLC
Designed by [THIRDSHIFT] and Rare Ideas, LLC
Proudly powered by Drupal