Virustotal results! Can you explain it to me? Why?

Boros
New to the forum
Posts: 2
Joined: 2022-07-10, 08:00

Virustotal results! Can you explain it to me? Why?

Post by Boros » 2022-07-10, 08:59

I have been using this browser since version 25!

Virustotal results! Is it dangerous?

What is it? Can you explain it to me?

Palemoon-Portable-31.1.1.win32.exe / 27.72 MB 2022-07-10 08:20:10 UTC
0e9964b503dcca0c69b44eee916cb2f55ab8980eb3fa76f9e57c00ddf63fc2d2
(3/64) https://www.virustotal.com/gui/file/0e9 ... ddf63fc2d2
Antiy-AVL: Trojan/Generic.ASMalwS.7DBB
Ikarus: Trojan.Dropper
Malwarebytes: Malware.Heuristic.1003

palemoon-31.1.1.win32.7z / 27.09 MB 2022-07-10 08:51:59 UTC
8cbb9d97e200d11ba9409c1dba720f67ecc0b190e1e240dd1b312f1afa215eb4
(1/57) https://www.virustotal.com/gui/file/8cb ... 1afa215eb4
Antiy-AVL: Trojan[Dropper]/Win32.Remcos

Palemoon-Portable.exe / 412.85 KB 2022-07-10 08:26:02 UTC (from this palemoon-31.1.1.win32.7z)
dc25e50454238835ca3469483cd6e0c193c3249e77704b7cc8b90c7327bbb01d
(3/68) https://www.virustotal.com/gui/file/dc2 ... 7327bbb01d
Ikarus: Trojan.Dropper
MaxSecure: Trojan.Malware.103646588.susgen
SecureAge APEX: Malicious

Previous:
Palemoon-Portable-31.1.0.win32.exe
236e127285370e9c82b945439e351f34dc26cef5388bb4ceba05207da05987ad
7z.sfx.exe 27.75 MB 2022-07-01 10:34:20 UTC

https://www.virustotal.com/gui/file/236 ... 7da05987ad
(2/67)
Ikarus: Trojan.Dropper
Malwarebytes: Malware.Heuristic.1003

Moonchild
Pale Moon guru
Posts: 35474
Joined: 2011-08-28, 17:27
Location: Motala, SE

Re: Virustotal results! Can you explain it to me? Why?

Post by Moonchild » 2022-07-10, 09:21

Generic heuristics false positives.
The portable is a self-extractor, and the portable launcher is created with AutoIt, which people have abused for creating malware.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

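The two traits named in the reply above (a self-extractor and an AutoIt-built launcher) can be checked on a local copy before reading anything into a heuristic label. This is an added example, not part of the thread or of the Pale Moon project; the `AU3!EA06` marker, the function names and the sample bytes are assumptions or constructed here.

```python
import struct
import sys

SEVENZIP_MAGIC = b"7z\xbc\xaf\x27\x1c"  # signature that opens every 7z archive
AUTOIT_MAGIC = b"AU3!EA06"  # marker in AutoIt v3 compiled scripts (assumed not repacked)


def is_pe(data: bytes) -> bool:
    """True when data has an MZ header whose e_lfanew points at the PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def describe(data: bytes) -> dict:
    """Report the container traits the reply gives as the reason for the flags."""
    pe = is_pe(data)
    archive_at = data.find(SEVENZIP_MAGIC)
    return {
        "pe_executable": pe,
        "bare_7z_archive": archive_at == 0,
        # A 7z archive appended to an executable stub is a self-extractor.
        "sevenzip_sfx": pe and archive_at > 0,
        "autoit_compiled": pe and AUTOIT_MAGIC in data,
        "archive_offset": archive_at if archive_at >= 0 else None,
    }


def fake_pe(overlay: bytes) -> bytes:
    """Constructed minimal PE-like image (not a real program) plus overlay."""
    dos_header = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)
    return dos_header + b"PE\x00\x00" + b"\x00" * 64 + overlay


# Constructed samples standing in for the three kinds of file in the thread.
SAMPLE_SFX = fake_pe(SEVENZIP_MAGIC + b"constructed archive body")
SAMPLE_LAUNCHER = fake_pe(AUTOIT_MAGIC + b"constructed script body")
SAMPLE_ARCHIVE = SEVENZIP_MAGIC + b"constructed archive body"

if __name__ == "__main__":
    if sys.argv[1:]:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, describe(fh.read()))
    else:
        for name in ("SAMPLE_SFX", "SAMPLE_LAUNCHER", "SAMPLE_ARCHIVE"):
            print(name, describe(globals()[name]))
```

A match only shows that the file has the container shape described in the reply; it says nothing about what the archive or script contains.
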
athenian200
Contributing developer
Posts: 1498
Joined: 2018-10-28, 19:56
Location: Georgia

Re: Virustotal results! Can you explain it to me? Why?

Post by athenian200 » 2022-07-10, 12:50

You especially shouldn't take the results from Antiy-AVL very seriously... look at this for example.

https://community.intel.com/t5/Graphics ... -p/1345186

Apparently they have even flagged executables from a fairly reputable company like Intel, and I'm pretty sure Intel's drivers do not contain a virus either. It seems like the heuristics software is trying to protect people from viruses by noting that viruses infecting computers are usually executables that are compressed with something...
"The Athenians, however, represent the unity of these opposites; in them, mind or spirit has emerged from the Theban subjectivity without losing itself in the Spartan objectivity of ethical life. With the Athenians, the rights of the State and of the individual found as perfect a union as was possible at all at the level of the Greek spirit." -- Hegel's philosophy of Mind

Moonchild
Pale Moon guru
Posts: 35474
Joined: 2011-08-28, 17:27
Location: Motala, SE

Re: Virustotal results! Can you explain it to me? Why?

Post by Moonchild » 2022-07-10, 13:01

Yeah, Antiy is notorious for their false positives. Not sure why VirusTotal continues to include them.

Boros
New to the forum
Posts: 2
Joined: 2022-07-10, 08:00

Re: Virustotal results! Can you explain it to me? Why?

Post by Boros » 2022-07-12, 15:25

Moonchild wrote:
2022-07-10, 09:21
Generic heuristics false positives.
The portable is a self-extractor, and the portable launcher is created with AutoIt, which people have abused for creating malware.
athenian200 wrote:
2022-07-10, 12:50
You especially shouldn't take the results from Antiy-AVL very seriously... look at this for example.

https://community.intel.com/t5/Graphics ... -p/1345186

Apparently they have even flagged executables from a fairly reputable company like Intel, and I'm pretty sure Intel's drivers do not contain a virus either. It seems like the heuristics software is trying to protect people from viruses by noting that viruses infecting computers are usually executables that are compressed with something...
Moonchild wrote:
2022-07-10, 13:01
Yeah, Antiy is notorious for their false positives. Not sure why VirusTotal continues to include them.
Thank you all for your explanations!
Now it's clear to me!
You really helped me!

Locked