Hello Community,
I registered just for that simple question.
I downloaded the FreeCommanderXE-32-public_portable.zip and scanned it with virustotal.com
It reports one match with MaxSecure scanner: Trojan.Malware.74797385.susgen
Full report: https://www.virustotal.com/gui/file/ac4 ... 2dbcd9c957
Do you think this is a false alarm and it is safe to use?
Maybe Marek can do a fresh rebuild in order to get rid of the alarm?
Thank you!
kind regards,
Harald
[solved] VirusTotal reports heuristic trojan for the portable zip - safe to use?
-
- Posts: 2
- Joined: 26.10.2021, 09:41
[solved] VirusTotal reports heuristic trojan for the portable zip - safe to use?
Last edited by zuendfunke on 26.10.2021, 17:10, edited 1 time in total.
Re: VirusTotal reports heuristic trojan for the portable zip - safe to use?
As long as none of the bigger vendors complains I would just ignore MaxSecure.
Windows 11 Home x64 Version 23H2 (OS Build 22631.3296)
Everything Version 1.5.0.1371a (x64), Everything Toolbar 1.3.2, Listary Pro 6.3.0.67
FreeCommander XE 2024 Build 905 64-bit donor
Everything Version 1.5.0.1371a (x64), Everything Toolbar 1.3.2, Listary Pro 6.3.0.67
FreeCommander XE 2024 Build 905 64-bit donor
-
- Posts: 2
- Joined: 26.10.2021, 09:41
Re: VirusTotal reports heuristic trojan for the portable zip - safe to use?
I extracted the archive and scanned all executables (exe and dll) and only two have been flagged by less popular scanners:
Since I need neither of both functionalities and wanted to be 100% on the safe side, I simply renamed them to text-files and FC works well without it.
Although I strongly assume these are false positives, only detected heuristically by how they work and are actually safe to use. Unfortunately they are not white-listed by all scanners.
At least they date back to 2011, are digitally signed and if there was a severe problem with it I assume they would have been replaced in the past 10 years.
- FCSFXStub.exe by MaxSecure - this file seems to be the stub for self-extracting archives
- FCWinERedirect.exe by SecureAge APEX - this file is to set the Windows+E shortcut
Since I need neither of both functionalities and wanted to be 100% on the safe side, I simply renamed them to text-files and FC works well without it.
Although I strongly assume these are false positives, only detected heuristically by how they work and are actually safe to use. Unfortunately they are not white-listed by all scanners.
At least they date back to 2011, are digitally signed and if there was a severe problem with it I assume they would have been replaced in the past 10 years.
Who is online
Users browsing this forum: Google [Bot] and 29 guests