Hello all.
I recently downloaded firefox from the official site as per usual (windows version) and I ran a virustotal check and got a trojan positive.
The md5sum is: 4409905bd4544c6f45e4d5737f130d75
The sha256sum is:
d390bfce3fed1be8c153aebfb9f28043981071b5338745e9207547178f32bf64
Please verify if this file is legitamate.
Maybe try installing trough a package manager like Winget or Chocolatey
I have read on the firefox forum that this particular anti-malware engine flags these like that. I just want to know to be sure. Is there somewhere where I can check if it was officially generated by firefox (other than the signature which seems legit)
Follow up:
Ok so aparently 7z compression is the culprit. If I extract the file. There is a setup-stub.exe file that shows clear in there.
It’s signed by Mozilla (extremely unlikely that’s a virus unless they got hacked) and it’s detected as trojan only by “max secure”, a questionable snake oil product that is like a broken clock, correct only twice a day
Conclusion: it’s safe
I’ve been using computers for 30 years and never once has an antivirus program been helpful or accurate. But yeah, I don’t download and click on random stuff from the web.
Crowdstrike managed to create a lot of free time for some workers
I got it from the official website.
I think it’s a false positive.