Closed
Bug 520895
Opened 16 years ago
Closed 16 years ago
AVG Finds Firefox as trojan
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: tanner, Assigned: cbook)
References
Details
(Keywords: common-issue-)
When you try to download firefox, AVG thinks that it is a trojan
see screenshot at http://zzxc.net/sumo/pilif12p/VirusAlert.PNG
|
||
Comment 1•16 years ago
|
||
This has been reported several times in the past hour on support.mozilla.com.
Keywords: common-issue+
|
Assignee | |
Comment 2•16 years ago
|
||
taking, will work with AV-vendors on this.
We are also tracking a issue with avg and thunderbird in Bug 520777
Assignee: nobody → cbook
|
|
Assignee | |
Comment 3•16 years ago
|
||
this seems to be a problem with signatures and is a false positive i guess. Another Virus Scan (jotti.viruscan) show no indication of a virus
http://virusscan.jotti.org/en/scanresult/fd8b78c273c11d45b8ecb0a99ae1556d0461a5e2/f372e4bc318e9659a57641b0e68943c352505a0f
However, AVG and TheHacker (another AV that seem to have this false positive) are informed now.
Will update this bug when i get a response from this vendors, should be in a few hours.
|
|
Assignee | |
Comment 5•16 years ago
|
||
AVG confirmed this as false-positive:
"Unfortunately, the current virus database version may detect the
mentioned virus on some legitimate applications. We can confirm that
it is a false alarm. We would like to inform you that the false
positive will be removed in the next Definitions update. Please update
your AVG and if a new Definitions update was downloaded, check whether
the file is still detected.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience.
"
will leave this bug open till we get confirmation from users and also feedback from thehacker (i think they might use the same AV engine as AVG)
|
|
Assignee | |
Comment 8•16 years ago
|
||
also installed avg free on a test vm tested 3.5.3 installer from various mirrors and can confirm its not detected as virus:
"Scan ""Shell extension scan"" was finished."
"No infection was found during this scan"
"Folders selected for scanning:";"C:\Firefox Setup 3.5.3-1.exe;C:\Firefox Setup 3.5.3-2.exe;C:\Firefox Setup 3.5.3-4.exe;C:\Firefox Setup 3.5.3-5.exe;"
"Scan started:";"Wednesday, October 07, 2009, 12:53:01 PM"
"Scan finished:";"Wednesday, October 07, 2009, 12:53:03 PM (1 second(s))"
"Total object scanned:";"4"
AVG Version: 8.5.421
Anti Virus Database has the Version: 270.14.5/2419
(In reply to comment #5)
Can we get this on a webpage from AVG so that we can link users to it?
|
|
||
Comment 10•16 years ago
|
||
A user on SUMO reported that the installer is being detected as "Trojan horse Downloader.BanloadAPJF" with virus database version 270.14.5/2419, so it appears that this is not fixed yet for all users.
|
|
Assignee | |
Comment 11•16 years ago
|
||
(In reply to comment #10)
> A user on SUMO reported that the installer is being detected as "Trojan horse
> Downloader.BanloadAPJF" with virus database version 270.14.5/2419, so it
> appears that this is not fixed yet for all users.
also AVG Version: 8.5.421? seems they have pushed also a program update recently
|
|
Assignee | |
Comment 12•16 years ago
|
||
also thehacker AV confirmed this problem is a result of a false-positive and now fixed
"The file is considering as a false positive so that our last update corrects that detail.
Yours sincerely,
Victor Arroyo Cauti.
Hacksoft"
|
||
Comment 13•16 years ago
|
||
I just got the same problem yesterday downloading the portuguese version.
It detects it as an trojan
Downloaded the english version and nothing it didn't.
|
Reporter | |
Comment 14•16 years ago
|
||
It seems to be happening again, but a different name this time. Its "Trojan-Downloader - Win32 Banload.aips"
See https://support.mozilla.com/en-US/forum/1/469767
|
|
Reporter | |
Comment 15•16 years ago
|
||
(In reply to comment #14)
> It seems to be happening again, but a different name this time. Its
> "Trojan-Downloader - Win32 Banload.aips"
>
> See https://support.mozilla.com/en-US/forum/1/469767
Now its zonealarm too... I guess i should have learned to read the thread in its entirety. But can anyone reproduce?
|
|
||
Comment 16•16 years ago
|
||
This is no longer being reported in support, it seems to be fixed in the latest AVG updates.
Keywords: common-issue+ → common-issue-
|
|
Assignee | |
Comment 17•16 years ago
|
||
(In reply to comment #16)
> This is no longer being reported in support, it seems to be fixed in the latest
> AVG updates.
thanks , marking as works for me
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•