You are here

PuTTY: False Positives with McAfee?

8 posts / 0 new
Last post
Cheetah
Cheetah's picture
Offline
Last seen: 4 years 4 months ago
Joined: 2007-02-07 14:36
PuTTY: False Positives with McAfee?

Is anyone else getting what I presume is a false positive hit for "Generic StartPage.r" on %TEMP%\nsvXXX.tmp\registry.dll when opening and closing PuTTY Portable? This appears to have just shown up for me in today's McAfee update (5150/October 26th 2007).

jwyanze
jwyanze's picture
Offline
Last seen: 10 years 2 months ago
Joined: 2007-08-08 00:44
Yea

there is ah next post on it to its todays update. And it appairs with any portable app it seems because it happen with me on countless times. Tell McAfee bout the BS they doing.

Never curse the alligator till you done cross the bridge. Wink

Tim Clark
Tim Clark's picture
Offline
Last seen: 12 years 11 months ago
Joined: 2006-06-18 13:55
More False Positives

This is likely a false positive.

It has been happening with FFP and TBP as well.

Be assured that Official PortableApps.com programs are virus free.
Sometimes some of the things the apps need to do "look" suspicious to some antimalware programs and they need to be updated. Unfortunately, this happens more often than it should Sad

Please read the following 2 threads:
https://portableapps.com/node/9825
https://portableapps.com/node/9834

and now:
https://portableapps.com/node/9837

Hopefully McAfee [and AVG] will get the message and update soon,
we hope Sad

Things have got to get better, they can't get worse, or can they?

Caehan
Caehan's picture
Offline
Last seen: 1 year 4 weeks ago
Joined: 2007-10-19 22:51
John's Report...
cwinebrinner
Offline
Last seen: 16 years 1 month ago
Joined: 2008-01-15 22:55
MD5

The PortableApps version claims to be version 0.60, but if you compare the MD5 checksum of the internal putty.exe file at \PortableApps\PuTTYPortable\App\putty\putty.exe with the expected MD5 found here: http://the.earth.li/~sgtatham/putty/0.60/md5sums , they are not the same. I'm suspicious to say the least.

John T. Haller
John T. Haller's picture
Online
Last seen: 38 min 47 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
UPX

That's due to UPX compression, which shrinks an EXE to save space (and is unrelated to the false positive above which McAfee has since corrected on their end). It's an open source (GPLed) utility. You can UNUPX the EXE yourself and it'll match the official MD5 sum again. UPX homepage

Sometimes, the impossible can become possible, if you're awesome!

cwinebrinner
Offline
Last seen: 16 years 1 month ago
Joined: 2008-01-15 22:55
Wow...

... lightning fast response. Thanks for the clarification.

RMB Fixed
Offline
Last seen: 14 years 2 months ago
Joined: 2006-10-24 10:30
...

So, have you switched on file-size displaying yet ? Smile

Log in or register to post comments