You are here

ClamAV (PortableApp version) finds many viruses in PortableApp apps!

2 posts / 0 new
Last post
Longtime_fan
Offline
Last seen: 3 years 9 months ago
Joined: 2020-06-16 17:49
ClamAV (PortableApp version) finds many viruses in PortableApp apps!

Ran ClamAV today and got a rude surprise. Dozens of infections!
Most of the flagged files are in the PortableApps packages I installed. Dozens of them.
Also found one in Google's own Photo Backup/Update service.

ClamAV (PortableApps version) quarantined the files so I'm going to uninstall the infected ones, hopefully they will stay gone.

Two most common viruses/trojans/etc. found are GrafTor (Malware) and FauxPythonCover.

Wanted to raise a concern that whatever virus checking is being done may be getting circumvented somehow. I don't know for sure where they came from. Just starting with the obvious -- PortableApps.

I had been installing some new apps, some from PortableApps, others from other "certified safe" download sites, mostly developer tools, so I'm befuddled (not really that surprised given the intense efforts by hackers eager to set up systems for their use this election season) at having to do the cleanup required now. Looks pretty wicked when these viruses have been setting up their own Tor connections for command and control.

John T. Haller
John T. Haller's picture
Offline
Last seen: 4 hours 35 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Likely False Positives

ClamAV (and thus ClamWin) has pretty regular false positives in Windows software. That's why we link to the antivirus scans of apps right from their download pages on the site that has their scan results in about 60 different engines and why we have a section detailing false positives on our support page: https://portableapps.com/support#false_positive

We perform a Virus Total scan on each app before we release it. For example, here's Google Chrome Portable's scan from this morning.

That's not to say that your software couldn't get infected on its own, of course. That's why you should have installed/up to date antivirus software on your personal and work machines and every machine you use your apps on.

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments