0

I was using my PC in darkness.Brightness of PC was too shiny.
I downloaded Flux software.
I scanned it on metadefender.
It says 1 threat detected(STOPzilla).
I searched on Google that what is it.I got nothing except anti-STOPzilla.
I visited the following page but it was not understand-able to me cause I am not too professional at english:
Is STOPzilla a safe program?
Can Anybody help me that what virus is it?

ShopiMacros
  • 37
  • 6
  • 1
    Do you refer to this [metadefender](https://www.opswat.com/package-options-it-admins?utm_referrer=https%3A//www.opswat.com/products/metadefender/core/multi-scanning)? If so, could it be that it just wants to state that its Multi-Scanning engine got a (false-)positive from STOPzilla for your file (so basically a 1/30 rating)? – flolilo Jul 10 '17 at 21:52
  • 2
    Since STOPZilla is an antivirus engine rather than malware, this is not a duplicate. Voting to reopen. – fixer1234 Jul 11 '17 at 01:48
  • You Can check the [result on metadefender](https://www.metadefender.com/#!/results/file/ZTE2MTIwN0JrOEp4dUpIUWdIeTVYSmxUSTda/regular/analysis) – ShopiMacros Jul 11 '17 at 10:41

1 Answers1

6

STOPZilla is a scanning engine. Its not a virus, its an Anti-Virus engine. Meta Defender uses this engine, and the message you received was that the STOPZilla engine found a virus.

See here, a list of scanning engines used by Meta Defender.

LPChip
  • 59,229
  • 10
  • 98
  • 140
  • 2
    In any case, f.lux (the link in the question is to the f.lux site) is perfectly safe to use and the scan was more than likely a false positive. – DavidPostill Jul 11 '17 at 08:03
  • Wait a minute.If **STOPzilla** is a search engine, then It scanned the virus?@LPChip – ShopiMacros Jul 11 '17 at 11:06
  • It shows The following: **Hijacker.Win32.Feedcath** – ShopiMacros Jul 11 '17 at 11:15
  • 1
    At a rate of 1/30 (or 1/40), one can almost safely assume that it's a false-positive. Usually, I'd suggest to check the hash of the file, but f.lux does not provide a hash as far as I can see. In this case, I'd use [virustotal](https://www.virustotal.com/) or any other analysation tool to check again. But in any case, as STOPzilla isn't one of the major players (or so it would seem), I believe that it's simply wrong about f.lux. – flolilo Jul 11 '17 at 11:38
  • @flolilolilo ,Are you sure? – ShopiMacros Jul 11 '17 at 12:09
  • Should I install this software with closed eyes? – ShopiMacros Jul 11 '17 at 12:27
  • 1
    That's for you to decide. If they got compromised, I would expect them to write a blog-entry later that day that says "Hey people, our website got hacked and f.lux was replaced with an infected version. Now everything's back to normal." It seems **very unlikely** that their site got hacked and nobody noticed for such a long timespan, except from STOPzilla. But of course, that's just logic, which has nothing to do with the (ir)rational fear of malicious software. Rule of thumb: *If you don't trust it, don't install it.* – flolilo Jul 11 '17 at 12:30
  • 1
    @ShopiMacros: Hijacker.Win32.Feedcath is the name of the virus that STOPZilla found, but as the rest points out, there is a big chance it's a false positive. – LPChip Jul 11 '17 at 12:38
  • **Windows Defender** is saying that no threats detected. – ShopiMacros Jul 11 '17 at 12:50