I was updating Librewolf manually on Windows and i found that Librewolf’s updater and i scanned it using Virustotal and the results were a shock to me as 5 antivirus companies flagged it as a malware, Could anyone explain?
1 Like
First off what is in that link?
5 antiviruses are presumably trash and need to update their lists.
2 Likes
Just use Mullvad browser instead…
RIP
when are windows user going to catch a break?
Antiviruses are garbage, this is a pretty normal result for a fresh and unknown binary. The only way to get lower is to sign your binaries.
3 Likes
I looked at this again, now only 4 vendors (from 5) flag it as malware.
Its not that the others are crap, its just that their virus signatures are overtly aggressive and gives a false positive. As @Stiffly2505 puts it the binaries are not signed (you may get the signing keys from MSFT 
I dont know what they would want).
You were not the first one that submitted this particular file @L_ishere670 . Someone beat you a whole day before.
There were the IP addresses that were contacted by the updater (according to the VT details) and the first 3 in the list were flagged and was associated with certain malwares. It could be something or nothing all together.
1 Like
you may get the signing keys from MSFT
Incorrect, you can just buy a code signing certificate from any trusted partner: List of Participants - Microsoft Trusted Root Program | Microsoft Learn
its not even that expensive, about 150 USD/year for the cheap ones. And Certum has an even cheaper OSS one, too bad they suck as a CA.
2 Likes
Correct me if I am wrong, but to me it seems that antiviruses themselves are the malware. If you are using Windows or Apple’s OSs they come with antiviruses by default. Also, you have 5 of them!?
1 Like
He doesn’t have 5 antivirus installed, he’s using virustotal.com
3 Likes
Is virustotal.com considered the best online virus scanner which doesn’t require the antivirus to be installed on your device?
I think its more a mix of convenience of no install required to scan a file, and more well-known in terms of online virus scanners (or at least that I’m personally aware of).
2 Likes
I appreciate your reply!
I’ve always been interested in “portable apps”, especially on the Windows side of things. It seems nice to be able to just have your apps running off an encrytped USB drive.
However, everyone should be careful of “portable apps” that come from unofficial websites and are often spyware.
1 Like