Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How safe is it to install a file that all but one anti-virus apps approve of?


  • Please log in to reply
6 replies to this topic

#1 Cerberus™

Cerberus™

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 19 March 2010 - 10:02 PM

Greetings! Great forum. I installed Pale Moon, a Firefox variant supposedly fit for Windows. I scanned it at Jotti's, and all but one anti-virus programs found it virus-free:
http://virusscan.jotti.org/en/scanresult/b...0581594b0270b25
Knowing that false positives often happen, would you install software such as this?

Edited by Cerberus™, 19 March 2010 - 11:06 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:44 AM

Posted 20 March 2010 - 06:46 AM

If you suspect a detection was a "false positive", then you should contact and advise the vendor that their program is being detected as a threat. In many cases they will work with the anti-virus techs in an attempt to resolve the detection. Most anti-virus vendors have instructions for file submissions posted on their web sites. Once a file is received, a technician can examine it in more detail and provide a report letting you know the results.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Cerberus™

Cerberus™
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 20 March 2010 - 09:45 AM

Thank you for your quick reply. Good idea, I could contact the virus scanner's vendors. Failing that, how high would you estimate the chance of such a file's containing a virus, if 19/20 virus scanners said it was safe? I also had it scanned at Virus Total, which gave 40/42 safe readings and 2 unsafe: one of which was the same Belarussian vendor as on Jotti's, and the other one was a Suspicious.Insight from Symantec, which I was told means hardly more than that the file is unknown and new.
http://www.virustotal.com/analisis/1a89589...4ad4-1268884354
If 40/42 scanners say it's safe, would you consider that a reasonable clue that it is most probably safe? I have also Googled ["pale moon" virus] and found nothing.

#4 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:44 AM

Posted 20 March 2010 - 11:23 AM

The site is safe
SiteAdvisor
WoT

#5 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:03:44 AM

Posted 20 March 2010 - 01:09 PM

Softpedia.com is distributing the installer as well : http://www.softpedia.com/get/Internet/Brow...Pale-Moon.shtml
I consider Softpedia a safe distributor. They test a program for various activities like changes made to system etc before listing it online for download.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:44 AM

Posted 20 March 2010 - 02:59 PM

If you are familiar with the file and the vendor its related too and your software was downloaded from a reputable site, then is likely a false positive.

When you are unsure about a suspicious or unknown file, you can always rename it by adding .vir after the file's extension (i.e. badfile.dll.vir). If you receive an alert from Windows about renaming, just ignore it. I prefer renaming instead of deleting as deletion leaves you with no option to restore if the file is later found to be legitimate.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Cerberus™

Cerberus™
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 20 March 2010 - 06:03 PM

Thank you, guys!

Siteadvisor and WoT are very useful sites indeed!

I did download it from Softpedia, but one can never be too sure.

Pale Moon appears to be very new: there is hardly any review on it to be found. I downloaded it after the single decent review I could find, on addictivetips.com; I usually install programs linked to by trustworthy review sites, though perhaps that is not always prudent...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users