You are here

putty.exe detected as trojan

9 posts / 0 new
Last post
kjb
Offline
Last seen: 14 years 3 months ago
Joined: 2009-12-15 12:45
putty.exe detected as trojan

via macafee virus scan enterprise

PuTTYPortable.e D:\portProg\PuTTYPortable\App\putty\PUTTY.EXE generic!bg.gru (Trojan)

tried to download the newest version today and got this:

\Downloads\PuTTY_Portable_0.60_Rev_3.paf.exe.part\PUTTY_PORTABLE_0.60_REV_3.PAF.EXE.PART generic!bg.gru (Trojan)

went to generic putty and no probs there. notice AVG does not detect this as a threat, have not tested other AVs

kjb

John T. Haller
John T. Haller's picture
Online
Last seen: 4 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
False Positive

It's a false positive and should be reported to McAfee. They've had issues with compressed EXEs before. Doesn't look like the massive fail AVG had last week. They'll probably have it fixed in a day or two. I hope you didn't have it set to auto-delete.

Sometimes, the impossible can become possible, if you're awesome!

kjb
Offline
Last seen: 14 years 3 months ago
Joined: 2009-12-15 12:45
hmm...

Well I will buy a false positive for the exe downloaded from portableapps but the putty.exe, from an "install" that was at least 4 months old, was listed as infected so unless putty.exe is compressed as well...

but alas if everything is okay then im cool with it, keep up the good work I love the portable apps.

EDIT also reported to mcafee.

kjb

Darkbee
Darkbee's picture
Offline
Last seen: 3 years 10 months ago
Joined: 2008-04-14 09:41
Clamwin Portable

You should try Clamwin Portable. Wink

Jimbo
Offline
Last seen: 4 years 2 months ago
Joined: 2007-12-17 05:43
To clarify

putty.exe is indeed compressed - pretty much all of the exes in portable apps are, to save space on the drive, and reduce load times over usb.

Also, trojans are a little different to other viruses - a file cannot become infected with a trojan, it either is one, or it isn't. So putty.exe couldn't have become a trojan, only have been one in the first place, so the fact that McAfee is suddenly detecting it as one suggests that it is the McAfee database update that is what has changed.

Finally, when in doubt, it is always worth checking at virustotal.com which will run a file you upload through over 40 AV scanners (including McAffee) and give you the results. When only one or two spot it, or when all of the ones that spot it call it heuristic or generic, then there is a good chance that it is a false positive.

And thanks for reporting to to McAfee, that's definitely worth doing when you find a report like this Smile

thundercleese
Offline
Last seen: 14 years 3 months ago
Joined: 2009-12-16 10:54
McAfee Virus Scan Enterprise

McAfee Virus Scan Enterprise detected putty.exe as genric!bg.gru this morning for me also...

John T. Haller
John T. Haller's picture
Online
Last seen: 4 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Report It

Please report it to McAfee. It's only McAfee with the issue, so you're stuck waiting on them to fix their problem.

It is either (1) a false positive or (2) both PortableApps.com and the main putty developer went back in time a year and a half and managed to infect it then since this is the last time putty was updated.

Sometimes, the impossible can become possible, if you're awesome!

Darkbee
Darkbee's picture
Offline
Last seen: 3 years 10 months ago
Joined: 2008-04-14 09:41
Time for T

You guys have perfected time travel? That's freakin' awesome! Will it make it into the next beta?

computerfreaker
computerfreaker's picture
Offline
Last seen: 12 years 6 months ago
Developer
Joined: 2009-08-11 11:24
Nice lol

Sweet!! Biggrin
Please send me an e-mail with the time travel information (how to do it), I've got an app ready to drop but I can take a few days to implement the TT stuff... (heck, then I can warp the app 5 years or so into the future, when (hopefully) it's a well-known, well-trusted app)

rofl!! Biggrin

"The question I would like to know, is the Ultimate Question of Life, the Universe and Everything. All we know about it is that the Answer is Forty-two, which is a little aggravating."

Log in or register to post comments