according to the trunk page on LAME's sourceforge SVN page, they stated that "CDex has been stolen and is loaded with malware." The last time tried using CDex, it was completely useless. Is the version on the platform actually malware? if not, then it should be marked as discontinued. Thanks
New: Run-Command (Dec 2, 2024), Platform 29.5.3 (Jun 27, 2024)
1,100+ portable packages, 1.1 billion downloads
No Ads Nov/Dec!, Please donate today
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
There were some versions of CDex released that would install adware by default as part of the installation process, but our package doesn't include their installer.
And there is no indication that CDex itself is compromised, with only a single positive from a minor antivirus engine.
Just to add to this, malwarebytes no longer lets me download cdex via portableapps platform which leads me to think the program should be removed for average users and perhaps only be accessible as a Beta or some other type of opt in download. This will help keep the integrity of the portable apps platform for average users. I don't think we want virus warnings associated with this amazing plaform.
... or you could report the false positive to malwarebytes to fix their error. False positives are the most disturbing side effect of more antivirus solutions. They normally get fixed after a while when they are reported. They are not completely avoidable because of the way, their heuristics work.
At the moment over 10 virus checkers report that CDex from Portable Apps contains malware! Check this $-file inside for example with Virus Total Webpage.
The fresh made install of cdex in Portable Apps (August 2021) is claimed by MS Defender and over 10 different virus checkers of VirusTotal Online Check also recognize that that is malware inside CDEX. So from my side this is a NOGO! 1 heuristic ok. But over 10 different engines?
Don't go by numbers, read the actual results. Warnings about FusionCore/InstallCore, "adware", or "potentially unwated" with a couple of "generic" false positives is all it is. What that means is that the CDex installer has bundleware included, not that it is malware or there is any risk. The CDex Portable installer bypasses the CDex installer and only installs CDex itself.
That said, if we're at the point where many users can't install it due to these basic warnings, I'm not opposed to revering to an earlier version. The authors abandoned the GPL back in 2005 with the 1.7 beta releases. There is a 1.71 fork that seems to work ok. We could start with that, update the encoding DLLs and have a possibly workable solution. Thoughts?
Sometimes, the impossible can become possible, if you're awesome!
You are right, this count of several quality engines (in contrast to the situation last year) is really strong evidence of a PUP. I don't trust this software either, as it possibly has been "hijacked" a while ago by another developer (there are some hints of gpl issues and source code has not been published for the lates versions). I would not recommend using it atm.
I cannot tell if that $ file is still used by the app itself or is a leftover of the possible malicious original installer of the app.