Kërkoni te Asistenca

Shmangni karremëzime gjoja asistence. S’do t’ju kërkojmë kurrë të bëni një thirrje apo të dërgoni tekst te një numër telefoni, apo të na jepni të dhëna personale. Ju lutemi, raportoni veprimtari të dyshimtë duke përdorur mundësinë “Raportoni Abuzim”.

Mësoni Më Tepër

VirusTotal, Cylance and MaxSecure flag Firefox Installer as Trojan

  • 4 përgjigje
  • 0 e kanë hasur këtë problem
  • 13 parje
  • Përgjigjja më e re nga Antony06

more options

VirusTotal, Cylance and MaxSecure flag Firefox Installer.exe Ro vers., as Trojan.

VirusTotal link: https://www.virustotal.com/gui/file/b603c44052222cc1bb4b9946a0d3b526411b9dd5e4ca82cfe30f3d3ff9e27b81?nocache=1

VirusTotal, Cylance and MaxSecure flag Firefox Installer.exe Ro vers., as Trojan. VirusTotal link: https://www.virustotal.com/gui/file/b603c44052222cc1bb4b9946a0d3b526411b9dd5e4ca82cfe30f3d3ff9e27b81?nocache=1
Foto të bashkëngjitura ekrani

Krejt Përgjigjet (4)

more options

That's read like what a "Malware/Virus" infection would say. What security software do you have installed?

more options

Antony06 said

VirusTotal, Cylance and MaxSecure flag Firefox Installer.exe Ro vers., as Trojan. VirusTotal link: https://www.virustotal.com/gui/file/b603c44052222cc1bb4b9946a0d3b526411b9dd5e4ca82cfe30f3d3ff9e27b81?nocache=1

Cylance is shwing as green on that page though Cylance allegedly having a unsafe result means nothing as they give a false positive way too frequently over the years on virustotal. Cylance, Clam, Antiy-AVL, and Jiangmin (and also Norton at times) have done "False Positives" frequently over the years.

It looks like it is having a issue with 7zS.sfx (look in details on page) which is the 7-ZIP self extractor used since early on and these mentioned antivirus get the occasional false positive hit on that.

Firefox setups for Windows have been self-extracting 7z since Firefox 0.8 (Feb 2004)

They tend to do it with the small online stub installer (which you uploaded) but not the full offline setup for Windows from say https://www.mozilla.org/firefox/all/#product-desktop-release

Would not really trust MaxSecure https://www.reddit.com/r/antivirus/comments/rz7gzn/maxsecure_the_antivirus_i_dont_recommend/

Ndryshuar nga James

more options

It looks like Cylance updated and now only MaxSecure (who is this?) has a detection for the setup-stub.exe file.

It's not unusual for one of the lesser known engines to cough at a Firefox installer because it uses a self-expanding 7-zip archive, and so do many malware, so at the surface level, it might seem suspicious.

You could try using the full/offline installer if you don't want to use the stub installer. See: Custom installation of Firefox on Windows.

more options

James said

Antony06 said

VirusTotal, Cylance and MaxSecure flag Firefox Installer.exe Ro vers., as Trojan. VirusTotal link: https://www.virustotal.com/gui/file/b603c44052222cc1bb4b9946a0d3b526411b9dd5e4ca82cfe30f3d3ff9e27b81?nocache=1

Cylance is shwing as green on that page though Cylance allegedly having a unsafe result means nothing as they give a false positive way too frequently over the years on virustotal. Cylance, Clam, Antiy-AVL, and Jiangmin (and also Norton at times) have done "False Positives" frequently over the years.

It looks like it is having a issue with 7zS.sfx (look in details on page) which is the 7-ZIP self extractor used since early on and these mentioned antivirus get the occasional false positive hit on that.

Firefox setups for Windows have been self-extracting 7z since Firefox 0.8 (Feb 2004)

They tend to do it with the small online stub installer (which you uploaded) but not the full offline setup for Windows from say https://www.mozilla.org/firefox/all/#product-desktop-release

Would not really trust MaxSecure https://www.reddit.com/r/antivirus/comments/rz7gzn/maxsecure_the_antivirus_i_dont_recommend/

I reported the file to Cylance as a false positive, that's why it's showing green now, but for MaxSecure I couldn't find where to report for a false positive. Maybe someone at Firefox can get in touch with them. Maybe someone from Firefox should scan the file with virustotal before putting it to download.