Closed
Bug 521680
Opened 15 years ago
Closed 13 years ago
ZoneAlarm thinks firefox setup is trojan.
Categories
(Plugins Graveyard :: Checkpoint Zonealarm, defect)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: tanner, Unassigned)
Details
This is about the same as Bug 520895 but Zonealarm, not AVG This time. We saw this on sumo a couple times.
Reporter | ||
Comment 2•15 years ago
|
||
Old bug, i've not seen any of this anymore. Resolved Invaild, for now.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
I'm not so sure that this issue is resolved. I went to the website at http://www.virustotal.com and ran the scans on the copy of Firefox_Setup_3.0.14.exe that I have on my computer. Zone Alarms antivirus scan gave the same results even though I have the latest updates. The following is the text from the Virus Total webpage after the scan. Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. File Firefox_Setup_3.0.14.exe received on 2009.12.24 07:10:08 (UTC) Current status: finished Result: 15/41 (36.59%) Antivirus Version Last Update Result a-squared 4.5.0.43 2009.12.24 Trojan-Downloader.Win32.Banload!IK AhnLab-V3 5.0.0.2 2009.12.23 Win-Trojan/Banload.4194304 AntiVir 7.9.1.122 2009.12.23 TR/Dldr.Banload.akdk Antiy-AVL 2.0.3.7 2009.12.24 Trojan/Win32.Banload.gen Authentium 5.2.0.5 2009.12.23 - Avast 4.8.1351.0 2009.12.23 - AVG 8.5.0.430 2009.12.23 - BitDefender 7.2 2009.12.24 - CAT-QuickHeal 10.00 2009.12.24 - ClamAV 0.94.1 2009.12.24 - Comodo 3349 2009.12.24 UnclassifiedMalware DrWeb 5.0.1.12222 2009.12.24 - eSafe 7.0.17.0 2009.12.23 - eTrust-Vet 35.1.7195 2009.12.24 - F-Prot 4.5.1.85 2009.12.23 File is damaged F-Secure 9.0.15370.0 2009.12.24 - Fortinet 4.0.14.0 2009.12.24 W32/Banload.AKDK!tr.dldr GData 19 2009.12.24 - Ikarus T3.1.1.79.0 2009.12.24 Trojan-Downloader.Win32.Banload Jiangmin 13.0.900 2009.12.23 - K7AntiVirus 7.10.926 2009.12.22 Trojan-Downloader.Win32.Banload.ajnp Kaspersky 7.0.0.125 2009.12.24 Trojan-Downloader.Win32.Banload.akdk McAfee 5841 2009.12.23 - McAfee+Artemis 5841 2009.12.23 - McAfee-GW-Edition 6.8.5 2009.12.24 Trojan.Dldr.Banload.akdk Microsoft 1.5302 2009.12.24 - NOD32 4713 2009.12.23 - Norman 6.04.03 2009.12.23 - nProtect 2009.1.8.0 2009.12.24 Trojan-Downloader/W32.Banload.4194304 Panda 10.0.2.2 2009.12.15 Suspicious file PCTools 7.0.3.5 2009.12.24 - Prevx 3.0 2009.12.24 - Rising 22.27.03.03 2009.12.24 - Sophos 4.49.0 2009.12.24 - Sunbelt 3.2.1858.2 2009.12.23 Trojan.Win32.Generic!BT Symantec 1.4.4.12 2009.12.24 - TheHacker 6.5.0.3.109 2009.12.23 Trojan/Downloader.Banload.ajig TrendMicro 9.120.0.1004 2009.12.24 - VBA32 3.12.12.0 2009.12.24 - ViRobot 2009.12.24.2106 2009.12.24 - VirusBuster 5.0.21.0 2009.12.23 - Additional information File size: 4194304 bytes MD5...: 5647882997a1b08b5ef851f4285f8e04 SHA1..: 5c01199a84e0aea06e704e22a638b6cb7a8fffbb SHA256: f6564389cd53d9dbb16e5da43805912affd796790f398c9e75b269adc6943cbd ssdeep: 98304:YTIMqtl+ySfOzDdkT/lMMUfw5eCfBMA/7:pKXOR8tzSeegJz PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x21d00 timedatestamp.....: 0x44e24a66 (Tue Aug 15 22:27:50 2006) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 UPX0 0x1000 0x17000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e UPX1 0x18000 0xa000 0xa000 7.88 263bd459e6190104d6afd5ac7e9f5be8 .rsrc 0x22000 0x7000 0x6e00 5.83 8e6c4e7d9b8c22485560922dab94c76a ( 6 imports ) > KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess > COMCTL32.dll: - > MSVCRT.dll: exit > OLEAUT32.dll: - > SHELL32.dll: ShellExecuteExA > USER32.dll: SetTimer ( 0 exports ) RDS...: NSRL Reference Data Set - pdfid.: - sigcheck: publisher....: Mozilla copyright....: Mozilla product......: Firefox description..: Firefox original name: 7zS.sfx.exe internal name: 7zS.sfx file version.: 4.42 comments.....: n/a signers......: - signing date.: - verified.....: Unsigned packers (Antiy-AVL): UPX 0.89.6 - 1.02 / 1.05 - 1.22 trid..: UPX compressed Win32 Executable (39.5%) Win32 EXE Yoda's Crypter (34.3%) Win32 Executable Generic (11.0%) Win32 Dynamic Link Library (generic) (9.8%) Generic Win/DOS Executable (2.5%) packers (F-Prot): UPX, 7Z ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
Clearly many of the antivirus programs are still flagging the version of the Firefox setup program as infected. Note that I'm running Firefox 3.5.6 now and have run extensive antivirus and antispyware scans on my computer and it comes up clean.
Comment 5•15 years ago
|
||
Reopening per comments #3 and #4
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
Reporter | ||
Comment 6•14 years ago
|
||
Not closing, but i've heard almost no reports for quite a while. Feel free to close, if there are no objections.
Reporter | ||
Comment 7•14 years ago
|
||
Haven't heard anything about this since comment 3 and 4. ->wfm
Status: REOPENED → RESOLVED
Closed: 15 years ago → 14 years ago
Resolution: --- → WORKSFORME
We're now tracking such bugs. This doesn't mean it's something we can fix, merely something we hope to be able to point vendors to so they can investigate. This is an automated message.
Assignee: cbook → nobody
Status: RESOLVED → UNCONFIRMED
Component: General → Checkpoint Zonealarm
Ever confirmed: false
Product: Firefox → Plugins
QA Contact: general → checkpoint-zonealarm
Resolution: WORKSFORME → ---
Version: 3.5 Branch → unspecified
Reporter | ||
Updated•13 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago → 13 years ago
Resolution: --- → INVALID
Assignee | ||
Updated•8 years ago
|
Product: Plugins → Plugins Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•