When you try to download firefox, AVG thinks that it is a trojan
see screenshot at http://zzxc.net/sumo/pilif12p/VirusAlert.PNG
This has been reported several times in the past hour on support.mozilla.com.
taking, will work with AV-vendors on this.
We are also tracking a issue with avg and thunderbird in Bug 520777
this seems to be a problem with signatures and is a false positive i guess. Another Virus Scan (jotti.viruscan) show no indication of a virus
However, AVG and TheHacker (another AV that seem to have this false positive) are informed now.
Will update this bug when i get a response from this vendors, should be in a few hours.
AVG confirmed this as false-positive:
"Unfortunately, the current virus database version may detect the
mentioned virus on some legitimate applications. We can confirm that
it is a false alarm. We would like to inform you that the false
positive will be removed in the next Definitions update. Please update
your AVG and if a new Definitions update was downloaded, check whether
the file is still detected.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
- Click on the "Restore" button.
We are sorry for the inconvenience.
will leave this bug open till we get confirmation from users and also feedback from thehacker (i think they might use the same AV engine as AVG)
*** Bug 520925 has been marked as a duplicate of this bug. ***
*** Bug 520946 has been marked as a duplicate of this bug. ***
also installed avg free on a test vm tested 3.5.3 installer from various mirrors and can confirm its not detected as virus:
"Scan ""Shell extension scan"" was finished."
"No infection was found during this scan"
"Folders selected for scanning:";"C:\Firefox Setup 3.5.3-1.exe;C:\Firefox Setup 3.5.3-2.exe;C:\Firefox Setup 3.5.3-4.exe;C:\Firefox Setup 3.5.3-5.exe;"
"Scan started:";"Wednesday, October 07, 2009, 12:53:01 PM"
"Scan finished:";"Wednesday, October 07, 2009, 12:53:03 PM (1 second(s))"
"Total object scanned:";"4"
AVG Version: 8.5.421
Anti Virus Database has the Version: 270.14.5/2419
(In reply to comment #5)
Can we get this on a webpage from AVG so that we can link users to it?
A user on SUMO reported that the installer is being detected as "Trojan horse Downloader.BanloadAPJF" with virus database version 270.14.5/2419, so it appears that this is not fixed yet for all users.
(In reply to comment #10)
> A user on SUMO reported that the installer is being detected as "Trojan horse
> Downloader.BanloadAPJF" with virus database version 270.14.5/2419, so it
> appears that this is not fixed yet for all users.
also AVG Version: 8.5.421? seems they have pushed also a program update recently
also thehacker AV confirmed this problem is a result of a false-positive and now fixed
"The file is considering as a false positive so that our last update corrects that detail.
Victor Arroyo Cauti.
I just got the same problem yesterday downloading the portuguese version.
It detects it as an trojan
Downloaded the english version and nothing it didn't.
It seems to be happening again, but a different name this time. Its "Trojan-Downloader - Win32 Banload.aips"
(In reply to comment #14)
> It seems to be happening again, but a different name this time. Its
> "Trojan-Downloader - Win32 Banload.aips"
> See https://support.mozilla.com/en-US/forum/1/469767
Now its zonealarm too... I guess i should have learned to read the thread in its entirety. But can anyone reproduce?
This is no longer being reported in support, it seems to be fixed in the latest AVG updates.
(In reply to comment #16)
> This is no longer being reported in support, it seems to be fixed in the latest
> AVG updates.
thanks , marking as works for me