Closed
Bug 344097
Opened 18 years ago
Closed 8 years ago
when opening Bon Echo, an alert from AVAST detected Win32:Sality-W
Categories
(Plugins Graveyard :: Avast AV, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: tigger05505, Unassigned)
References
()
Details
Attachments
(1 file)
149.27 KB,
image/jpeg
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1a3) Gecko/20060707 BonEcho/2.0a3 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1a3) Gecko/20060707 BonEcho/2.0a3 C:\PROGRA~1\BONECH~1\updates\0\updater.exe Win32:Sality-W Virus/Worm 0628-0, 07/10/2006 Unsure if this was indeed a worm or just acting like one, but had to hit ignore for activity for BON ECHO to visit upgrading manually. Reproducible: Always Steps to Reproduce: 1. Click ICON for Bon Echo 2. AVAST has detected Win32:Sality-W in C:\PROGRA~1\BONECH~1\updates\0\updater.exe 3. Clicked ignore for Bon Echo to launch and manually down Nightly Install NOTE ** This is the first time I've seen this reaction to anti-virus previous builds did not act like this. To determine if this is a real threat, please run viral sweep on nightly build. Would not like to have this embeded before we release Firefox 2.
Comment 1•18 years ago
|
||
Have you confirmed that your system is clean ? It could be that you acquired this virus since you last installed a nightly build.
Comment 2•18 years ago
|
||
Seems like a false positive to me. You can see this very often with AVG, Avast and previously also with Antivir. Antivir has changed into Avira and I have never seen mis detection anymore.
Comment 3•18 years ago
|
||
*** Bug 344112 has been marked as a duplicate of this bug. ***
Comment 4•18 years ago
|
||
Per Bug 344112 and comment #0 this affects software update (e.g. updater.exe) and not the installer. Over to Software Update This appears to be a false positive detected by Avast.
Component: Installer → Software Update
QA Contact: installer → software.update
Comment 5•18 years ago
|
||
For the record, we received today in Mozilla Europe emails two similar reports from AVAST users, both found this virus in updater.exe in regular mozilla firefox builds (1.5.0.4) downloaded from mozilla.com/mozilla europe. One of the reports had a screen capture which confirmed that the Avast version was also 0628-0. I haven't been able to reproduce this bug on my windows partition with avast installed, maybe the problem is only affecting one specific mirror ? Marking as New since we have already 4 different people who witnessed it in the last hours, probably a false positibe though.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 6•18 years ago
|
||
Pascal, could you attach the screen shot to this bug?
Comment 7•18 years ago
|
||
adding screenshot
Comment 8•18 years ago
|
||
Just in case could you get a copy of updater.exe from one of the people that reported this and attach it to this bug? I've also tried to reproduce without any success but I am using 0628-1.
Comment 9•18 years ago
|
||
Found the following and it appears this was a false positive and is already fixed in the latest Avast virus definitions http://forum.avast.com/index.php?topic=22075.0
Comment 10•18 years ago
|
||
ok, marking as INVALID
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 11•18 years ago
|
||
The Virus has been contained, but was detected after AVAST ran a scheduled bootg scan and found it the root directory along with the directory for Bon-Echo. Since I removed the nightly built and download the new version of MindField situation was contained. But the screenshot was exactly what i Had just could not be contained or deleted until the product was fully removed.
Assignee | ||
Updated•16 years ago
|
Product: Firefox → Toolkit
Comment 12•13 years ago
|
||
We're now tracking such bugs. This doesn't mean it's something we can fix, merely something we hope to be able to point vendors to so they can investigate. This is an automated message.
Status: RESOLVED → UNCONFIRMED
Component: Application Update → Avast AV
Ever confirmed: false
Product: Toolkit → Plugins
QA Contact: application.update → avast-antivirus
Resolution: INVALID → ---
Comment 13•8 years ago
|
||
Closing old bugs in the Plugins component. We aren't going to track issues in 3rd-party plugins in the Mozilla bug tracker. In addition, support for NPAPI plugins will be removed at the end of this year; for more details see the post at https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/ If there is a serious bug in Firefox, it needs to be filed in the "Core" product, "Plug-Ins" component.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago → 8 years ago
Resolution: --- → INCOMPLETE
Assignee | ||
Updated•8 years ago
|
Product: Plugins → Plugins Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•