Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Trojan found in downloaded STUB file

  • 4 답장
  • 1 이 문제를 만남
  • 1 보기
  • 최종 답변자: AntonyMagnus

more options

I recently downloaded Firefox Stub Installer and checked it through Anti Virus multiscanner and it reports the following:

Anity AVL Trojan/Win32.SGeneric

Cylance reports the file UNSAFE for use.

File looks ok and is digitally signed also. The only conclusion I can draw from this is Mozilla was somehow hacked or Mozilla is up to some nefarious deeds with end users. Either way I would like people to know and be aware.

I recently downloaded Firefox Stub Installer and checked it through Anti Virus multiscanner and it reports the following: Anity AVL Trojan/Win32.SGeneric Cylance reports the file UNSAFE for use. File looks ok and is digitally signed also. The only conclusion I can draw from this is Mozilla was somehow hacked or Mozilla is up to some nefarious deeds with end users. Either way I would like people to know and be aware.

선택된 해결법

AntonyMagnus said

The only conclusion I can draw from this is Mozilla was somehow hacked or Mozilla is up to some nefarious deeds with end users. Either way I would like people to know and be aware.

False positives happens every so often with new major or minor Firefox versions on Windows, especially after release or update and then gets fixed in a definitions update for antivirus client.

If this trojan claim was was indeed true then this would not be the only thread and would be a hot top here, at independent mozillaZine forums and elsewhere.

Except for many years ago (15+ ?) a contrib locale build of a Firefox Release perhaps being infected as Firefox did not have other locales officially for Releases until it got to version 1.0, there has not been any official builds of Firefox for Windows, Mac OSX, or Linux that did indeed come with something like a trojan or virus or such.

문맥에 따라 이 답변을 읽어주세요 👍 1

모든 댓글 (4)

more options

If you downloaded the installer from www.mozilla.org, than it is the official installer. It was likely a false positive. I'd suggest reporting to cylance that there is a false positive, and then updating your definitions

more options

AntonyMagnus said

I recently downloaded Firefox Stub Installer and checked it through Anti Virus multiscanner and it reports the following: Anity AVL Trojan/Win32.SGeneric Cylance reports the file UNSAFE for use. File looks ok and is digitally signed also.

You did this scan on Virustotal.com ?

Cylance has been doing a false positive with Firefox versions (both stub and setup for Windows) for perhaps over a year now and I have seen Anity do false positives on virustoal also. I remember seeing comments that Cylance in this case it's detection used on site is different from the application.

Also even though the stub installer concept (for Windows) on www.mozilla.org has existed since Firefox 18.0, it still occasionally gets false positives with some antivirus clients (after a recent new major or minor version release) while the full offline setups for Windows from www.mozilla.org/firefox/all/ rarely gets false positives in comparison.

글쓴이 James 수정일시

more options

선택된 해결법

AntonyMagnus said

The only conclusion I can draw from this is Mozilla was somehow hacked or Mozilla is up to some nefarious deeds with end users. Either way I would like people to know and be aware.

False positives happens every so often with new major or minor Firefox versions on Windows, especially after release or update and then gets fixed in a definitions update for antivirus client.

If this trojan claim was was indeed true then this would not be the only thread and would be a hot top here, at independent mozillaZine forums and elsewhere.

Except for many years ago (15+ ?) a contrib locale build of a Firefox Release perhaps being infected as Firefox did not have other locales officially for Releases until it got to version 1.0, there has not been any official builds of Firefox for Windows, Mac OSX, or Linux that did indeed come with something like a trojan or virus or such.

글쓴이 James 수정일시

more options

Thanks for your replies, I had no idea that it was a false positive. I figured it was but to be on the safe side I submitted the file to my own AV for analysis. I also thought it would be prudent to let Mozilla know of this potential breach. The file appeared to be legit and signed, but... you never know. It also pays in the end for everybody if Mozilla reviews its security. So this could be a good thing too?.

In another side note and somewhat off topic I also downloaded Comodo Dragon browser and had similar findings. Ikarus reported infections and I also reported it to them.


Lastly yes, I did use Virus Total I do it for all files now no matter what. I also utilize OPSWAT.

Thanks again!