Hello - My Sophos antivirus is hitting the recent update from FileZilla and removing this file...
Ref: C:\Windows\Temp\03d5ca3d-5146-11eb-9f32-24ee9a35253b\target.exe
Sophos Detecting FileZilla Update as a PUA.
Moderator: Project members
Re: Sophos Detecting FileZilla Update as a PUA.
False-positive. Don't tell us, tell Sophos.
Re: Sophos Detecting FileZilla Update as a PUA.
It looks like Grok was just trying to alert others of possible malware. The reason I'm here today and found this thread.
I see you're an Admin and have probably dealt with a plethora of posts covering the gamut of potential irritations. It was Grok's first post - maybe consider cutting some slack?
Your call whether my post should start a new thread.
Are you SURE it's a false-positive? I cannot determine if Grok's flagged file is the same as the one I've downloaded today.
On to why I'm here. Perhaps this should be in a new thread: I downloaded the latest FileZilla client (free version) from the official FileZilla site. "FileZilla_3.52.2_win64_sponsored-setup.exe". I was led to the site via a FileZilla client prompt to update to the latest version.
Upon running the .exe, Malwarebytes quarantined it as "Adware.FusionCore". Before you tell me to tell Malwarebytes, and not mention it here, VirusTotal (www.virustotal.com) reports 26 malware engines also detected it as containing malware! THAT is a problem! Screenshot attached.
Interestingly, Sophos was not on the list of engines flagging it. A different download Grok had, or he/she simply got further into the install before "target.exe" was flagged? Or, I have a different installer downloaded and that too is popping malware programs? Neither is great news - let's not shoot-the-messenger before knowing what's really going on.
I see you're an Admin and have probably dealt with a plethora of posts covering the gamut of potential irritations. It was Grok's first post - maybe consider cutting some slack?
Your call whether my post should start a new thread.
Are you SURE it's a false-positive? I cannot determine if Grok's flagged file is the same as the one I've downloaded today.
On to why I'm here. Perhaps this should be in a new thread: I downloaded the latest FileZilla client (free version) from the official FileZilla site. "FileZilla_3.52.2_win64_sponsored-setup.exe". I was led to the site via a FileZilla client prompt to update to the latest version.
Upon running the .exe, Malwarebytes quarantined it as "Adware.FusionCore". Before you tell me to tell Malwarebytes, and not mention it here, VirusTotal (www.virustotal.com) reports 26 malware engines also detected it as containing malware! THAT is a problem! Screenshot attached.
Interestingly, Sophos was not on the list of engines flagging it. A different download Grok had, or he/she simply got further into the install before "target.exe" was flagged? Or, I have a different installer downloaded and that too is popping malware programs? Neither is great news - let's not shoot-the-messenger before knowing what's really going on.
- Attachments
-
- 2021-01-25_124049.jpg (403.72 KiB) Viewed 3906 times
Re: Sophos Detecting FileZilla Update as a PUA.
Common practice for AV vendors copy each others signatures.
There is nothing wrong with the installer, it doesn't do anything the user doesn't want it to do.
There is nothing wrong with the installer, it doesn't do anything the user doesn't want it to do.
-
elizabeth
- 500 Command not understood
- Posts: 1
- Joined: 2021-02-15 16:07
- First name: elizabeth
- Last name: gonzalez
Re: Sophos Detecting FileZilla Update as a PUA.
Currently carbon black and symantec detect the latest version as malware and block the installation. how do we check that it is a clean file
Re: Sophos Detecting FileZilla Update as a PUA.
Easy, if they claim it is malware, ask them for details, what the exact mechanism of harm is. If it truly were malware, they can give you an answer in excruciating details. If they won't give a detailed answer, they are merely crying wolf.