I install OpenOffice.org Portable 3 Beta 1 Released and my antivirus detect a trojan keyloger. Be Carefull portableapps. My antivirus is PC Tools Internet Security and my portable antivirus is ClamWin Portable and both detect the virus.
You are here
OpenOffice.org Portable 3 Beta 1 Released has a trojan
As can often be the case, this may simply be a "false positive." Make sure you're not jumping to false conclusions.
I might suggest you:
1) make sure your definition files are always up to date before scanning
2) simply try an online scanner, one that scans a particular uploaded file using multiple AV programs. I might suggest something like: http://www.virustotal.com or http://www.virscan.org or http://virusscan.jotti.org/
Give, please, more information about:
1) Your antiviruses' versions and their databases;
2) The exact text of the warnings they show;
3) The exact name and the exact location of the file they declare dangerous.
My antivirus portable is ClamWin and the version of databases is 17/06/08, my other antivirus is PC Tools Internet Security an d the databases is 16/06/08.
This is the problem detect for the both antivirus:
D:\ProtableApps\PortableApps\OpenOfficePortableTest\App\OpenOffice.org\Basis 3.0\program\scmi.dll: Trojan.Hupigon-9851 FOUND
Is not my intention to damage the reputation, because I am user of you, I just want to report something I think should be fixed.
My name is Raul Hernandez, i'm from venezuela.
Sorry for my english, but is not good.
This is most likely a false positive. The compression techniques used to make the PortableApps.com applications smaller will sometimes be detected as malicious, but they are not.
I recommend uploading the file to VirusTotal and report back how many scanners detected the file as being a virus.
I had this same problem so I uploaded the file to VirusTotal like you suggested. Three programs registered it as a virus: ClamAV, eSafe and Sunbelt. The summary is here: http://www.virustotal.com/analisis/8a3c8b2c50fb95a065efa8e57bd3e0dc
Here is ClamWin Portable's report:
Scan Started Fri Jul 18 13:35:58 2008
-------------------------------------------------------------------------------
G:\PortableApps\OpenOfficePortableTest\App\OpenOffice.org\Basis 3.0\program\scmi.dll: moved/scheduled to 'G:\PortableApps\ClamWinPortable\Data\quarantine\infected.scmi.dll'
G:\PortableApps\OpenOfficePortableTest\App\OpenOffice.org\Basis 3.0\program\scmi.dll: Trojan.Hupigon-9851 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 357471
Engine version: 0.93.1
Scanned directories: 1626
Scanned files: 11666
Infected files: 1
Data scanned: 1186.39 MB
Time: 729.750 sec (12 m 9 s)
--------------------------------------
Completed
--------------------------------------
I would say it's a false positive. I moved the file back to it's proper directory.