What is apppack 16.1.exe?

apppack 16.1.exe keeps being downloaded and shows up in my download folder. An alert says Norton scanned it and it's safe. I keep deleting but I can find no information on it. What is it, why does it keep popping up, and why does Norton say it's safe?

@rburns59
btw ~
VirusTotal now reports 32 security vendors flagged this file as malicious. 
https://www.virustotal.com/gui/file/03b9382e7a4194b991421246f09ebe22f7775a2ed03b980df8daae40d87428cd

Malwarebytes staff & experts seem willing to help all.   
You don't need a Malwarebytes subscription.

How to install Malwarebytes & run a scan
https://malwaretips.com/blogs/run-a-scan-with-malwarebytes/

Malwarebytes Malware Removal Help
https://forums.malwarebytes.com/forum/108-malware-removal-help

Thank you. I don't run browser sync. I just get the Norton notification. It says it's safe but I'm not touching it with the proverbial 10 ft pole. I have a circuit of websites I check most days so my theory is it came from one but I've been checking after each one and so far nothing.

I will look into MWB. i used to have a premium version so if I download it again I should be able to run it.

Your help is appreciated

btw ~
VirusTotal now reports 16 security vendors flagged this file as malicious. 
https://www.virustotal.com/gui/file/03b9382e7a4194b991421246f09ebe22f7775a2ed03b980df8daae40d87428cd

fwiw ~ 
VirusTotal uses the command-line scanner versions of the products that support VirusTotal. Solutions included in VirusTotal are configured according to the parameters requested by the vendor, with a more aggressive level of heuristic detection than the official end-user default configuration would offer.  Commercial product have false-positive suppression mechanisms which are not present in the VirusTotal command-line engine. 

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. VirusTotal uses a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product.

rburns59:

I agree that 12 is enough to make me curious, hence my question.

Every time this shows up I delete this and empty the recycle. I have run smart scans and a full scan with no threats found. Do you think a Malwarebytes scan is also needed? I used to have MB but worried it was conflicting with Norton. I could reload it if I need to.

Do you run browser sync? 
Do you see apppak file download (in your browser) or you just see Norton report on the download while your browsing?

Well, if you ask for help over on Malwarebytes Forums.  You may be asked by staff &or experts to run Malwarebytes scan amongst other tools.    

Malwarebytes Free (not real-time protection) does not conflict with Norton.
And you may setup mutual exclusions and setup Malwarebytes to run/update only on-demand.

(some say mutual exclusions are not needed - some say mutual exclusions are needed) 
https://community.norton.com/en/comment/8537355#comment-8537355

If you do not run Malwarebytes real-time protection =>
https://community.norton.com/en/comment/8546363#comment-8546363 

Deactivate Premium Trial in Malwarebytes for Windows
https://support.malwarebytes.com/hc/en-us/articles/360040972954-Deactivate-Premium-Trial-in-Malwarebytes-for-Windows

Regardless, you're curious what the darn file is.  
I'm thinking Malwarebytes Forums will help you find out and more.  

I'm thinking what's the downside. 
I follow Malwarebytes Community.  Were my machine.  I'd ask for Malwarebytes Help.    

Maybe, Norton Community user will come along with info as to what is apppack 16.1.exe.  
Or, you can run Malwarebytes scan and decide how to proceed, afterwards.

I'm sorry I cannot advise with more certainty one way or the other.  
12 makes me curious...how the heck this got to your machine and how the heck it keeps coming back. 
May be totally benign.  I'm curious to find out one way or the other.

Please post back Malwarebytes scan results &or if you start a thread over on Malwarebytes. 

Caveat:  I have a Malwarebytes Premium subscription.  I do not run Malwarebytes real-time protection.  I only run an occasional Malwarebytes on-demand scan.   I have mutual exclusions.  

btw ~ VirusTotal now reports 14 security vendors flagged this file as malicious.  The file is 16MB, recent creation and signed.  May be totally benign.  Just curious what is helper-G, how helper-G came to you and how helper-G keeps coming back.   
Maybe, you recently installed a browser extension or program?  


btw ~ G-Helper...is not your helper-G.  

https://github.com/seerge/g-helper

 

Thanks for attempting to help.

Yes I use stuff as my download folder.

I agree that 12 is enough to make me curious, hence my question.

Every time this shows up I delete this and empty the recycle. I have run smart scans and a full scan with no threats found. Do you think a malwarebytes scan is also needed? I used to have MB but worried it was conflicting with Norton. I could reload it if I need to.

your help is appreciated

rburns59:
I don't use dropbox. in layman's terms, what does this mean?

I was hoping for a hint from your Copy to Clipboard > paste [here].


rburns59:
apppack 16.1.exe keeps being downloaded and shows up in my download folder 

Curious, is 'c:\Stuff\' your downloads folder? 

Sorry, in layman's terms.... ¯\_(ツ)_/¯

Were my machine:
I'd ask for help => Malwarebytes Malware Removal Help
https://forums.malwarebytes.com/forum/108-malware-removal-help/

You have a file on your machine that 12 security vendors flagged as malicious.  12 is not a preponderance.  12 is sure enough to make me wonder...what does this mean? 

Malwarebytes staff & experts seem to be willing to help all.   You don't need a Malwarebytes subscription.
Speaking of Malwarebytes.  Have you run Malwarebytes scan just for giggles.

How to install and run a scan with Malwarebytes Free
https://malwaretips.com/blogs/run-a-scan-with-malwarebytes/

I don't use dropbox. in layman's terms, what does this mean?

Developers Hboosters Ltd
Downloaded File from dropboxusercontent.com

 

fwiw ~ VirusTotal report:  helper-G.dll

12 security vendors and no sandboxes flagged this file as malicious
03b9382e7a4194b991421246f09ebe22f7775a2ed03b980df8daae40d87428cd
helper-G.dll

 

https://www.virustotal.com/gui/file/03b9382e7a4194b991421246f09ebe22f7775a2ed03b980df8daae40d87428cd


fwiw ~ 

HBOOSTERS LTD is an active Private Limited Company, registered at Companies House under the number 14425744.

https://www.onlinefilings.co.uk/company/profile/14425744-/

fwiw ~ 

https://uc16b94ecc9f318cc8d1c484c282.dl.dropboxusercontent.com/cd/0/get/CFk9es_zZekufSsDU4H1-lwNP9y7PUJLSLhyuON-GTchxuPq9HoqWMM0pNue_FFCPOGIZ3IQ771tAOAFMFBwdK4lpuUyUsYczX2_bDqDsMgQYslDwtsQLO2cUn2JAaxbCH5zjBQ1Ke6RH0l1J3WZOu59/file?dl=1#

Error (410)
Something went wrong. Don't worry, your files are still safe and the Dropbox team has been notified. Check out our Status Page to see if there is a known incident, our Help Center and forums for help, or head back to home.

not that I know of. I do go on Amazon frequently but not when this appears.

Filename: AppPack 16.1.exe
Full Path: c:\Stuff\AppPack 16.1.exe

____________________________

____________________________


Developers
Hboosters Ltd

Version
1.0.0.0

Identified
10/14/2023 at 5:32:22 AM

Last Used
Not Available

Startup Item
No

____________________________


Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week  ago.

Good
Norton has given this file a favorable rating.


____________________________


https://uc16b94ecc9f318cc8d1c484c282.dl.dropboxusercontent.com/cd/0/get/CFk9es_zZekufSsDU4H1-lwNP9y7PUJLSLhyuON-GTchxuPq9HoqWMM0pNue_FFCPOGIZ3IQ771tAOAFMFBwdK4lpuUyUsYczX2_bDqDsMgQYslDwtsQLO2cUn2JAaxbCH5zjBQ1Ke6RH0l1J3WZOu59/file?dl=1#
Downloaded File  from dropboxusercontent.com

____________________________


File Thumbprint - SHA:
03b9382e7a4194b991421246f09ebe22f7775a2ed03b980df8daae40d87428cd
File Thumbprint - MD5:
310982fe3bbf32fd8ed8cf9d05b67ff6

 

Apppack appears to be software to assist developers in getting their apps onto AWS (Amazon Web Services).   https://apppack.io/  From their FAQ Docs.  

AppPack is a suite of tools that creates an application platform-as-a-service similar to Heroku on your own AWS account.

Have you had any connection to AWS or app development? 

Please tell us what Norton is telling you regarding this event.
For information regarding this event > from Norton pop-up > View Details > Copy to Clipboard &or from Norton history > More Options > Copy to Clipboard > paste here.

For second opinion choose File &/or Search hash at VirusTotal 


  • Norton product or service name and version
  • Operating system - version / build 
  • Norton error message / error code / screen shot (mask personal info)