Platform 14.4.1 (Apr 02, 2017). Please donate.
300+ real apps, *new* calibre (Jan 18, 2018)
Over 950 million app downloads
The file is fusion.dll and is part of the CDeX app.
Here's the results of a scan I just did on CDEx Portable's installer (1.8.4): https://www.virustotal.com/en/file/01e9ea3022ee138cfd7bbb5ab6b7c197bb496...
I'm not able to download a fresh copy of cdex on my corporate network, do you have a link to the analysis?
Advising the Portableapps Team of potential software problems is fine but VirusTotal reports need to be considered in the correct context. If 12 Engines that they test files with flagged a possible issue with a specific file, that leave at least another 38 that didn't; and as part of VirusTotal's stated scanning objective is also to identify and report 'false positives' as well as any perceived 'threats', as they say themselves, the online scanning of files on VirusTotal should not be considered by end users as an effective AntiVirus/Malware scanning solution. It primarily designed as a tool for informing software developers, including security software providers (but not end users), of the potential for issues which may, or may not, prove to be 'threats'.
However, if this example is perceived as a genuine concern then the correct approach is to report the issue to the CDeX app developer; and also to use an effective, up-to-date, production-grade AntiVirus and Malware solution to scan the files (and your system) before you decide whether or not you want to use the software without some further assurance. Certainly don't rely on VirusTotal to provide any user protection against files that have already been downloaded, and have presumably survived live security scanning.
Just FYI, many of the tools that VirusTotal employs use identical databases. This can lead to distorted data regarding both the safety and danger of files.
You can research each engine to determine which database it uses.
The detection you're referring to is a generic adware detection. CDex's local installer uses a bundleware installer. Fusion.dll is the component that the installer uses to display it.
CDex Portable does a live download of the CDex installer and extracts the app files from it without running it. That DLL isn't used by the app and can be safely deleted.
Gord already built the updater 1.85 version of the app, so I'll adjust the live installer to ensure the extra DLLs that aren't used aren't left on your device to trigger any false positives.
Sometimes, the impossible can become possible, if you're awesome!
When you write "does a live download", do you mean that when the user installs CDex Portable via the Portable Apps Launcher, it is installing another installer, which in turns downloads the actual CDex Installer? Or is it different from that process?
The CDex Portable installer downloads the regular CDex installer as you install. That's the live part. (When installing or updating via the platform, the updater/app store handles the download.) It doesn't run the local installer, though. It extracts the files from the local installer using an embedded 7-Zip client within the PA.c Installer. That's why the bundleware bits aren't a concern in the portable version, since the local installer isn't run so the bundleware components are never used.
Fantastic explanation. Thank you.
CDex Portable 1.85 was just posted which removes the local installer's DLLs which are not used by the portable installer or the app itself. This should cut down on false positive issues once installed.
That's great news! Thanks!