I have to click on Ignore every time I search for program update (Manage apps>check for updates). inetc.dll is on different path in document and setting every time. Typical:
C:\Documents and Settings\...\Temp\nsk6D.tmp\inetc.dll Trojan.Agent
C:\Documents and Settings\...\Temp\nsv70.tmp\inetc.dll Trojan.Agent
Because new path every time I can not set file in ignore list.
Why not use same path every time in portableapps setup directory?
//Björn
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
I have had the same problem since install Malwarebytes Pro with real-time protection. When I try to update apps or use selected ones, I get this warning that inetc.dll is a trojan in c:users\NAME\Appdata\Local\Temp\ns***.tmp\inetc.dll
I can't find confirmation that this is a false positive. Will excluding this file do it? The subfolder is always different and this has crippled my portableapps update (unless I turn off MB first).
jjb
Better report it to Malwarebytes as it is a false positive. inetc.dll is a plug-in for NSIS to download files (info) so they should maybe flag internet explorer or firefox as thread, too, as they could also be used to trick users to download malware... :rolleyes:
Sorry, not your fault, but I am kind of weary of overzealous security apps. Who the hell thought heuristics were a good way to deal with threats.
No, first must this dll have information inside, now there is nothing. Is it a dll from PA or not? Also it will be nice if it is possible to get checksum for all PA components.
inetc.dll seems to only be used to check program update for Manager 2. I have uninstall it and only run the old version.
inetc.dll is an online component used by most NSIS-based installers that download components as part of their setup. Our PA.c Updater uses it as do all 'online' installers (jPortable, Chrome, etc). Lots of local software installers have online components as well (Pidgin downloads GTK on the fly for example).
This DLL is a well-used plugin for NSIS (see here), the most popular installer scripting language and the one we base our installer on. If malwarebytes is blocking it, that's a pretty huge error on their part and they should be informed of it.
Sometimes, the impossible can become possible, if you're awesome!
Thank you for answer and link!
I download netc.zip from http://nsis.sourceforge.net/Inetc_plug-in
Therte is no info in this dll. But I compare both inetc.dll and there i a lot of different in code.
PA: have 27648 byte
From Nullsoft only 20992 byte. Why?
I do not like it until I now what is different. I have not a disassembler and can not detect what is wrong. I think it is different version but why is the new smaller?
Because my bad english it is hard to understand all.
There are multiple versions of this plugin available. Some ANSI (Windows 9x and up) and some Unicode (Windows 2000 and up). We use the Unicode ones. In the initial version in the PA.c Installer, one didn't exist, so we started with the ANSI plugin and then built our own bits on top. Then the Unicode official one was released but had a major but with it leaving behind files in the temporary internet cache that it downloaded (which isn't very portable) so we updated the official code again and have that in our current launcher. We posted our version, but some users wanted resume support (which basically requires leaving files behind) so our version is slightly different (so it is portable and doesn't leave a mess of files behind on each PC).
Sometimes, the impossible can become possible, if you're awesome!
Thank you for info.
Problem with different version is, it is hard to check if any trouble is detected.
Is it possible to download correct version from PA? It will be nice!
//Björn
The proper version (at time of the installer being compiled) is always contained in the PA.c Installer. You'll know it is unaltered from that as our installers are digitally signed and dated. If you right-click any installer from us and select Properties, you'll see a Digital Signatures tab with the info. The installers also self-check for any modifications and will refuse to run with an error if they are modified.
Sometimes, the impossible can become possible, if you're awesome!
Ok, i have install manager 2 again and hope it run
Have only one problem now, Fx will resend "To display this page, Firefox must send information that will repeat any action (such as search or orderconfirmation) that was performed earlier. [Resend][Cancel]". It happens only in Manager 2, not in the old version. If I click cancel I get the page without problem.
for now, thank you for answer.
I discovered that I have quarantined it before now...can't remember doing that, but will look into trying to get it detected again, and report it to MBAM
EDIT: Done.
http://forums.malwarebytes.org/index.php?showtopic=77926
“There is a computer disease that anybody who works with computers knows about. It's a very serious disease and it interferes completely with the work. The trouble with computers is that you 'play' with them!”Richard Feynman
...the problem is solved.
It is not detected with the update 6069.
“There is a computer disease that anybody who works with computers knows about. It's a very serious disease and it interferes completely with the work. The trouble with computers is that you 'play' with them!”Richard Feynman
Thanks for taking the time to report it
Sometimes, the impossible can become possible, if you're awesome!
Easy when you know how
“There is a computer disease that anybody who works with computers knows about. It's a very serious disease and it interferes completely with the work. The trouble with computers is that you 'play' with them!”Richard Feynman