We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Authentium alert: W32/Damaged_File.gen! ElDorado Appears to be malware. Is this true? The same alert appeared when trying to download Firefox too.

  • 4 odgovori
  • 1 ima ovaj problem
  • 1 view
  • Posljednji odgovor poslao BeachLvr

more options

Hello,

Command Anti-Malware is a provider of anti-virus protection software. It is displaying an alert that "THUNDERBIRD%20SETUP%2031" has been quarantined. The reason is an infection by "W32/Damaged_File.gen!Eldorado". Before installing either Thunderbird or Firefox, can someone describe the risks and how I delete this from my system?

Thanking you in advance.

Beachlvr

Hello, Command Anti-Malware is a provider of anti-virus protection software. It is displaying an alert that "THUNDERBIRD%20SETUP%2031" has been quarantined. The reason is an infection by "W32/Damaged_File.gen!Eldorado". Before installing either Thunderbird or Firefox, can someone describe the risks and how I delete this from my system? Thanking you in advance. Beachlvr

All Replies (4)

more options

Did you get your download from https://www.mozilla.org/en-US/thunderbird/all.html?

The warning from Authentium may be a false positive and hence safe to ignore, but I don't recognize the "2031" hence I'm doubtful about the authenticity of the downloaded file.

Izmjenjeno od strane Zenos

more options

Download the full Firefox setup for Windows from www.mozilla.org/firefox/all as some antivirus clients still give false positives on the stub installer even though the newer stub option has existed since Firefox 18.0.

However if you are downloading Firefox and Thunderbird from som download site instead of www.mozilla.org then there is a possibility they are not clean as Mozilla does not host any products on any download sites.

more options

BeachLvr said

Hello, Command Anti-Malware is a provider of anti-virus protection software. It is displaying an alert that "THUNDERBIRD%20SETUP%2031" has been quarantined. The reason is an infection by "W32/Damaged_File.gen!Eldorado". Before installing either Thunderbird or Firefox, can someone describe the risks and how I delete this from my system? Thanking you in advance. Beachlvr

Hi,

When I attempt to download from the Mozilla sites and save a copy of Stub 35.0, the message "Firefox Setup 35.0.exe might have been moved or deleted.".

more options

Update:

I just now tried to download Firefox and Thunderbird from the official Mozzila site. The message that pops up in IE is "Thunderbird Setup 31.4.exe might have been moved or deleted." This same message appears when trying to download either the Thunderbird or Firefox setup programs.

Saving the file does not complete. Here is the most recent file name from an attempt to download the Firefox setup executable: Thunderbird Setup 31.4.0.exe.6smjtgd.partial. This was saved to C:\users\bob\desktop\dowloads\firefox setup according to the Command Antivirus alert. The folder was not created and the download was not successful.

The other interesting fact is the download was for Thunderbird and the folder was firefox.

Finally, a pop-up box message in IE asks "Do you want to un or save Firefox Setup Stub 35.0.exe (237 KB) from download-installer.cdn.mozilla.net?" When I respond with either "run" or "save", the pop-up box message in IE responds "Firefox Setup Stub 35.0.exe might have been moved or deleted."