The first hint of trouble came when I tried to download an app from the PortableApps.com website. After clicking on the 'Download' button I was redirected to a webpage for unrelated software. I closed my browser and tried again. This time, when I clicked on the 'Download' button I was redirected to a webpage for a different unrelated software package. There was a link to SourceForge on the page, and when I clicked on it, my download started but was immediately cut off by my security software.
Therefore, my question: Is there a problem with the PortableApps.com website?
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
Which app were you trying to download? Knowing what page you were on might help track down the issue. Was it an official release or something in the forums? I did a quick browse through a few of the app release pages and didn't notice anything out of the ordinary.
Quamquam omniam nescio, nec nihil scio.
It all started when Norton Internet Security suddenly decided PortableApps Menu was a Trojan and deleted it. (An earlier poster had the same with Symantec Endpoint Security.) I tried to download PAM from https://portableapps.com/download and NIS blocked the download. I visited PortableApps.com with IE, since it has no ad blocker (I'm usually a Firefox user) and noticed ads for seemingly unrelated software.
Can you try this from a different pc to see if its isolated to the machine or USB?
PortableApps.com Advocate
You might be infected!
1.Ensure the built-in firewall is enabled (remove 3rd party PFW).
2.Internet Options
General tab
Under 'Browsing history' click the 'Delete...' button to delete temporary
files, history, cookies etc..
Advanced tab
Under 'Security' [check] 'Empty Temporary Internet Files folder when
browser is closed'.
Click the OK button.
3.On-demand AV applications.
David H. Lipman's MULTI_AV Tool
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-m...
Additional Instructions:
http://pcdid.com/Multi_AV.htm
--and/or--
Kaspersky's AVPTool
http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/
--or--
http://ftp.kaspersky.com/devbuilds/AVPTool/
There's no updating involved since the scanning engine is updated
several times a day and you simply download the updated scanner whenever
you want to do a scan.
--and/or--
Dr.Web CureIt!® Utility - FREE
http://www.freedrweb.com/cureit/
There's no updating involved since the scanning engine is updated
several times a day and you simply download the updated scanner whenever
you want to do a scan.
--and/or--
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--and--
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
If you operating system is considered clean:
Flush your System Restre Cache
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and [check] 'Turn off
System Restore on all drives'.
Click 'Apply' then click OK
Reboot.
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and [uncheck] 'Turn
off System Restore on all drives'.
Note: ensure that under 'Available drives' the Status of Drive does show
'Monitoring'.
And then manually create a Restore point.
Go to:
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/system...
And scroll down to: Create a Restore Point.
Then:
Download and execute HiJackThis! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
Please, do not post HJT logs to this forum.
Forums where you can get expert advice for HiJack This! (HJT) logs.
http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://forums.subratam.org/index.php?showforum=7
http://forums.security-central.us/forumdisplay.php?f=13
http://castlecops.com/forum67.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://www.lavasoftsupport.com/index.php?showforum=36
http://forum.piriform.com/index.php?showforum=12
http://www.wilderssecurity.com/forumdisplay.php?f=26
http://makephpbb.com/phpbb/viewforum.php?f=2
http://www.techmonkeys.co.uk/forums/viewforum.php?f=8
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://forums.spywaretimes.com/index.php?showforum=2
http://www.bluetack.co.uk/forums/index.php?showforum=172
http://forums.techguy.org/f54-s.html
http://aumha.net/viewforum.php?f=30
http://forums.spywareinfo.com/index.php?&showforum=18
http://www.dslreports.com/forum/cleanup
http://forum.malwareremoval.com/viewforum.php?f=11
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f...
NOTE: Registration is required in any of the above mentioned forums
before posting a HJT log and read the 'stickies'
(instructions/guidelines) for the respective HJT forum.
Post back the URL where you posted your log, *not* the entire log!
Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
I was blind, now I'm lost.
all around security software is. They should pay to you for using it and enjoy all the problems with it. Get rid of all this security by obscurity bloathware and your life will be more easy.
Otto Sykora
Basel, Switzerland
Can't get to another computer right now. Clicking 'Download' on the PAM page brings me to a full-page ad for Zenoss, with a sourceforge.net (faked?) domain in the Address Bar. The ad has a download link for PAM, but clicking on it brings me to the website for Voxel.net, with no link to download PAM.
SourceForge.net shows ads. Has for a very long time. The page you're looking at is a redirect page that will auto-refresh and start the download.
Unless you're using IE which breaks all downloads like that. In that case, you need to click on the line that says "Please use this direct link" and click the words "direct link".
Sometimes, the impossible can become possible, if you're awesome!
Thank you, thank you. I normally use Firefox with AdBlock Plus, so I have never seen the ads. This time I used IE, so the ads were viewable. And yes, IE broke the download, which added to my suspicion. Therefore, my original problem is caused by Norton Internet Security 2009, which incorrectly flagged PortableApps Menu as a Trojan. NIS has seen PAM many times before, so why all of a sudden? I'll deal with Symantec.