[solved] VirusTotal reports heuristic trojan for the portable zip - safe to use?

Discussion, questions and support.
Post Reply
Message
Author
zuendfunke
Posts: 2
Joined: 26.10.2021, 09:41

[solved] VirusTotal reports heuristic trojan for the portable zip - safe to use?

#1 Post by zuendfunke » 26.10.2021, 09:49

Hello Community,

I registered just for that simple question. :)
I downloaded the FreeCommanderXE-32-public_portable.zip and scanned it with virustotal.com
It reports one match with MaxSecure scanner: Trojan.Malware.74797385.susgen
Full report: https://www.virustotal.com/gui/file/ac4 ... 2dbcd9c957

Do you think this is a false alarm and it is safe to use?

Maybe Marek can do a fresh rebuild in order to get rid of the alarm?

Thank you!
kind regards,
Harald
Last edited by zuendfunke on 26.10.2021, 17:10, edited 1 time in total.

horst.epp
Posts: 460
Joined: 15.11.2008, 20:18

Re: VirusTotal reports heuristic trojan for the portable zip - safe to use?

#2 Post by horst.epp » 26.10.2021, 14:34

As long as none of the bigger vendors complains I would just ignore MaxSecure.
Windows 11 Home x64 Version 23H2 (OS Build 22631.3296)
Everything Version 1.5.0.1371a (x64), Everything Toolbar 1.3.2, Listary Pro 6.3.0.67
FreeCommander XE 2024 Build 905 64-bit donor

zuendfunke
Posts: 2
Joined: 26.10.2021, 09:41

Re: VirusTotal reports heuristic trojan for the portable zip - safe to use?

#3 Post by zuendfunke » 26.10.2021, 17:04

I extracted the archive and scanned all executables (exe and dll) and only two have been flagged by less popular scanners:
  • FCSFXStub.exe by MaxSecure - this file seems to be the stub for self-extracting archives
  • FCWinERedirect.exe by SecureAge APEX - this file is to set the Windows+E shortcut
All other files are 100% green.
Since I need neither of both functionalities and wanted to be 100% on the safe side, I simply renamed them to text-files and FC works well without it.

Although I strongly assume these are false positives, only detected heuristically by how they work and are actually safe to use. Unfortunately they are not white-listed by all scanners.
At least they date back to 2011, are digitally signed and if there was a severe problem with it I assume they would have been replaced in the past 10 years. :mrgreen:

Post Reply

Who is online

Users browsing this forum: Google [Bot] and 29 guests