1325761 - ClamAV virus reporting is marking omni.ja as infected with Win.Trojan.Toa-5370234-0

Status: RESOLVED WORKSFORME

(Firefox :: Untriaged, defect, P1)

Description

[komealy]

:: Developer Documentation Request

      Request Type: Correction
     Gecko Version: 50 Branch
 Technical Contact: 

:: Details

20161224 04:36:51 clamav scan -- scanning /usr --
/usr/lib/xulrunner-1.9.0.19/chrome/pippki.jar: Win.Trojan.Toa-5370234-0 FOUND
/usr/lib/xulrunner-1.9.1.9/chrome/pippki.jar: Win.Trojan.Toa-5370234-0 FOUND
/usr/lib/firefox/omni.ja: Win.Trojan.Toa-5370234-0 FOUND
/usr/lib/xulrunner-1.9.2.24/chrome/pippki.jar: Win.Trojan.Toa-5370234-0 FOUND

Comment 1

[Vlad Bacia-Mociran [:VladB]]

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:54.0) Gecko/20100101 Firefox/54.0

I have installed Clam AV, updated it to the latest virus version on a Ubuntu 14.04 machine and scanned /usr/lib/ folders. Also, I have downloaded latest Firefox release v51.0.1 and latest Nightly (Build ID: 20170202030211) from http://archive.mozilla.org/ , unpacked them and scanned them with ClamAV. In both cases there weren't any files infected. omni.ja file was not detected as a virus.

The files infected mentioned in comment 0 were from an archived version of Firefox or from a version that you built?

Is this still reproducible on your end ? If yes, can you please retest this using latest FF release and latest Nightly build (https://nightly.mozilla.org/) and report back the results ?

Comment 2

[Vlad Bacia-Mociran [:VladB]]

Considering the fact that I cannot reproduce this and the fact that the reporter did not answered to my request until now, I will mark this as Resolved-WFM

If anyone can still reproduce it on latest versions, feel free to reopen the issue and provide more information.