Trang web này sẽ có chức năng hạn chế trong khi chúng tôi trải qua bảo trì để cải thiện trải nghiệm của bạn. Nếu một bài viết không giải quyết được vấn đề của bạn và bạn muốn đặt câu hỏi, chúng tôi có cộng đồng hỗ trợ của chúng tôi đang chờ để giúp bạn tại @FirefoxSupport trên Twitter và /r/firefox trên Reddit.

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

Virustotal 3 anti-virus engines detecting FirefoxInstaller exe

  • 6 trả lời
  • 1 gặp vấn đề này
  • 3 lượt xem
  • Trả lời mới nhất được viết bởi Natalie

more options

I downloaded the Firefox installer from https://www.mozilla.org/en-US/firefox/download/thanks/ and scanned the file on Virustotal and 3 of the anti-virus engines detected it, 2 as trojan, 1 as malware. Here is the link to the VT scan: https://www.virustotal.com/gui/file/1f008f615561276c2c7c9dbf9ac07a0319dd7ec54d65f365d7e1cf2b5b70b216/detection. Is there a problem with this file?

I downloaded the Firefox installer from https://www.mozilla.org/en-US/firefox/download/thanks/ and scanned the file on Virustotal and 3 of the anti-virus engines detected it, 2 as trojan, 1 as malware. Here is the link to the VT scan: https://www.virustotal.com/gui/file/1f008f615561276c2c7c9dbf9ac07a0319dd7ec54d65f365d7e1cf2b5b70b216/detection. Is there a problem with this file?

Tất cả các câu trả lời (6)

more options

Hi Natalie, I have not heard of these antivirus engines before:

  • Antiy-AVL
  • Bkav
  • Jiangmin

If the small stub installer makes you nervous, do you want to check the full installer? You can download it from here:

https://www.mozilla.org/firefox/all/#product-desktop-release

The U.S. English 64-bit full installer for 73.0.1 has a detection on one engine on VirusTotal:

Someone who tested all recent versions of Firefox found Jiangmin shows the same detection for all of them: http://forums.mozillazine.org/viewtopic.php?p=14858115#p14858115

If that vendor's opinion is important to you, you'll need to inquire with them about that detection.

more options

Thank you for pointing that out. I searched before I asked about this here but didn't find that Mozillazine post. I was concerned that someone might have MITM'd me because I asked about this problem in another forum on a different site and a person there said that he downloaded Firefox files and didn't get any detections on Virustotal. So naturally I was worried getting 3 on the Firefox Installer. I've never heard of those anti-virus' either. So I'll verify the hashes for my Firefox downloads and install FF. Did you get those 3 detections on the FF Installer too?

more options

Hi Natalie, I did not test the small stub installer.

more options

The small stub installer needs to download the Firefox installation files from internet. Some AV software may find that suspicious and thus flag the installer despite the file being signed. If you have such AV software or otherwise want to be sure then best is to use the full installer.

more options

jscher2000 & cor-el,

Thanks for your info. I really appreciate it. I think I can go ahead and download the full installer, check the hash and then install Firefox now, knowing that I am not the only one that has detections for the Firefox files on Virustotal.

more options

cor-el said

The small stub installer needs to download the Firefox installation files from internet. Some AV software may find that suspicious and thus flag the installer despite the file being signed. If you have such AV software or otherwise want to be sure then best is to use the full installer.

Do you know what this means, I found it on the "Community" tab of the Virustotal detection scan for the 73.0.1 full installer downloaded from the link you posted above? It says this:

"#malware MIOCs - Latest Malware Analysis worldwide

  1. CodeGreenLabs

codegreen.ae"

And also on Virustotal, on the Behavior Tab:

Files Opened C:\Users\<USER>\AppData\Local\Google\Chrome\User Data\Local State C:\Users\<USER>\Searches\desktop.ini C:\Users\<USER>\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat C:\Users\<USER>\Videos\desktop.ini C:\Users\<USER>\Saved Games\desktop.ini C:\Users\desktop.ini C:\Users\<USER>\AppData\Local\Temp\7zs-sfx.pe32 C:\Users\<USER>\Pictures\desktop.ini C:\Windows\Fonts\staticcache.dat C:\Users\<USER>\Downloads\desktop.ini

I am trying to learn about what the other things on VT mean.

The hash that Virustotal gave me, d9557b6859c2872632abe36aa214cfb61e76e033bcb558fe76c28f8687f6c469, matches the hash from the mozilla hashes at https://ftp.mozilla.org/pub/firefox/releases/73.0.1/SHA256SUMS: d9557b6859c2872632abe36aa214cfb61e76e033bcb558fe76c28f8687f6c469 win64/en-US/Firefox Setup 73.0.1.exe

... if anyone's interested : )