You are here

Virus Detected?

8 posts / 0 new
Last post
Dbzdude707
Offline
Last seen: 9 years 2 months ago
Joined: 2008-09-22 16:54
Virus Detected?

I am running Avast antivirus, and tried to download the most recent OpenOffice portable app installer.

It tells me it found a trojan in the file, and this is it's path specifically:

OpenOffice_Portable_2.4.1_en-us.paf.exe.part\$_OUTDIR\openoffice\program\testtool.exe

Any idea? It's probably just an error... It's a free antivirus anyways. Nevertheless, whoever compiled this file might have been trying to give us a trojan.

PS. I used Firefox 3 from my hard drive to download it. You might have realized that I was using it from the path I gave.

OliverK
OliverK's picture
Offline
Last seen: 1 year 1 month ago
Developer
Joined: 2007-03-27 15:21
I doubt it, as that file was

I doubt it, as that file was probably compiled by John T Haller, owner of this site, and compiler of all the other installers.

It IS a false positive.

Too many lonely hearts in the real world
Too many bridges you can burn
Too many tables you can't turn
Don't wanna live my life in the real world

Dbzdude707
Offline
Last seen: 9 years 2 months ago
Joined: 2008-09-22 16:54
Hm

So no one disagrees with you? Alright then, I suppose I can trust that it is a false positive...

No other portable apps I've installed have been reported as problematic in any way so I feel I can trust this site. Nevertheless, I haven't looked into the open office site itself... But that really seems like paranoia, I doubt I really need to.

OliverK
OliverK's picture
Offline
Last seen: 1 year 1 month ago
Developer
Joined: 2007-03-27 15:21
I've been using the apps from

I've been using the apps from this site for over a year now, with no ill side affects. I wouldn't worry about it.

Too many lonely hearts in the real world
Too many bridges you can burn
Too many tables you can't turn
Don't wanna live my life in the real world

kai.inouye
kai.inouye's picture
Offline
Last seen: 5 years 11 months ago
Developer
Joined: 2008-02-03 20:12
Me too, and I havn't had any

Me too, and I havn't had any problems too

DADSGETNDOWN
Offline
Last seen: 1 month 2 weeks ago
Joined: 2008-02-27 03:27
Free Antivirus/ Known issues

Free does not mean bad.
Paid does not mean good.
The 2 programs below are widely used, popular, and well reviewed.
The phrase "poor trojan detection" isn't actually true or what it
should say.

On the known issues page of I think ALL portable apps,
(atleast a heck of alot of them), it says.

https://portableapps.com/support/openoffice_portable#known_issues

Trojan/Virus detected - AntiVir and Avast, on more than one occasion, have claimed there is a trojan or virus in the launcher. This is due to poor trojan detection in both products that will occasionally mis-identify many NSIS-based applications as trojans. It will usually occur after a definitions update. You should contact your antivitus provider and let them know of their mistake.

portableappsIsa...
Offline
Last seen: 1 year 3 months ago
Joined: 2016-08-07 04:15
Well These MotherFuckers Gave me a Fucking Virus....

Properties
Name fastweb.exe
Location C:\Program Files (x86)\FastWeb
Size 194 KB
Time 50.1 days ago (2016-06-18 01:37:52)
Entropy 6.8
Product SQLite Database Browser Portable
Publisher PortableApps.com
Description SQLite Database Browser Portable (PortableApps.com Launcher)
Version 2.2.0.0
LanguageID 0
SHA-256 FAF07E5C9EA48D1CA55F5C2DDC8C3273621C0613B4D6B4B85DD28181139A32FA

Detection Names
Bitdefender Trojan.GenericKD.3323780
HitmanPro Mal/Generic-S

Scoring (111.0)
One or more antivirus vendors have indicated that the file is malicious.
Program is running but currently exposes no human-computer interface (GUI).
Uses the Windows Registry to run each time the user logs on.
Program starts automatically without user intervention.
The file is in use by one or more active processes.

Memory
PID 6980

Startup
HKU\S-1-5-21-10569869-1788432295-635245942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fastweb

Network Ports
192.168.1.5:50017 95.211.138.72:443

FuckYou

John T. Haller
John T. Haller's picture
Online
Last seen: 41 min 54 sec ago
AdminDeveloperModerator
Joined: 2005-11-28 22:21
Not Us, That Virus Steals Details From Other Apps

That virus is fastweb.exe. It often steals the product, publisher, description, etc from other applications to attempt to (1) appear harmless and (2) shift the blame to other products.

Here is the 100% clean scan for the full installer for DB Browser for SQLite (aka SQLite Database Browser Portable): https://www.virustotal.com/en/file/3d2a4fe1248245827639c5fa409a06378368e...

And here is the 100% clean scan for the SQLite Database Browser Portable (PortableApps.com Launcher) launcher which fastweb.exe is stealing the file details: https://www.virustotal.com/en/file/861f42088e862a73ef9c35913d36decbe24e7...

The file you have on your system has absolutely nothing to do with PortableApps.com. It wasn't written by us, distributed by us, and it isn't even infecting a file released by us.

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments