Today's virus definition file (5150) for McAfee VirusScan detect registry.dll as a "Generic StartPage.r" when I start Thunderbird Portable 2.0.0.6; I'm pretty sure it's a false detect, I'll submit the case to McAfee and keep everyone posted here...
NB : I might forget, so if someone faster than me has info, please feel free to update this thread.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
https://portableapps.com/support
cowsay Moo
cowthink 'Dude, why are you staring at me.'
Thanks for the heads up.
I generally assume that a virus alert for an "offical" pa release is a false positive [not necessarily for anything else I've found here]
I will launch FFP and TBP before updating VirusScan.
If I get an alert after updating I'll choose to ignore it.
Thanks again for the heads up.
Tim
{EDIT: in checking my On Access scan settings I'm not seeing a setting for "let me choose what to do [e.g. ignore] so I am going to exclude "registry.dll" from scanning, since I don't know for sure if FFP will be able to run properly if the dll in question is deleted or quarantined }
Things have got to get better, they can't get worse, or can they?
registry.dll is only a temporary file and will be recreated next time you run FFP. Delete at your will.
"If you're not part of the solution, you're part of the precipitate."
I think he is asking what might happen if the AV deletes the DLL before the launcher has a chance to use it.
MC
VirusTotal confirmed that McAfee detects a virus in Thunderbird Portable, so is Sunbelt! I've submitted the case to WebImmune...
(what was MISIIM input anyway ?)
ion][reflex
[reflexion]
On the support page it says don't report false positives.
cowsay Moo
cowthink 'Dude, why are you staring at me.'
I get four or five popup warnings in a row. It says:
Detection: Generic.startpage.r
Action: File deleted
Object: Registry.dll
Location: C:\Document...\Nsb213.tmp
So let me see if I understand.
1) We are now getting this warning from McAfee because of new definitions from McAfee. IOW, it is McAfee that has changed rather than Thunderbird portable.
2) It is a false positive. There is nothing wrong with Registry.dll.
And a question:
Q1) What damage is this (file deletion) doing to the execuction of Thunderbird Portable?
TIA.
Peter
I am getting the same false positive for Clamwin, Firefox, and Abiword.
Also getting the same virus report when launching FFP. Tried disabling all addons, then moving my Profile (creating a new one), then doing clean install. None of these steps made a difference.
Read this reply:
https://portableapps.com/node/9825#comment-54364
Tim
Things have got to get better, they can't get worse, or can they?
https://portableapps.com/node/9837#comment-54369
~Lurk~
https://portableapps.com/node/9846
This addresses most questions that people can ask about this problem.