Closed Bug 1382573 Opened 7 years ago Closed 7 years ago

ESET reports Firefox Unbranded Installer as containing a trojan

Categories

(Release Engineering :: Release Automation: Other, defect)

Product:
Release Engineering
Component:
Release Automation: Other
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: eros_uk, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
Build ID: 20170623154118

Steps to reproduce:

ESET Smart Security reports and cleans firefox-54.*.en-US.win32-add-on-devel.installer as having "Win32/Spy.Ursnif.BH trojan"
Component: Security → Release Automation
Product: Core → Release Engineering
QA Contact: catlee
Version: 54 Branch → ---
bugs 1181116, 1247732 are other recent false positive reports.
It is a false positive since I had already downloaded and installed those versions before. It has recently been added to ESET detection list.

The versions that I have on HD are FF54.0 b2 & b6
firefox-54.0.en-US.win32-add-on-devel.installer.exe
refreshing the scan adds one additional identification:
https://www.virustotal.com/en/file/030a0db380d884b05b384621145ea4b1a2119cee13bf4135e04fe0d34adde039/analysis/1500556899/

 Malware.Heuristic!ET#82% (cloud:EgKJNdohKwU)
ESET on virustotal now reports that this file is safe.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
> ESET on virustotal now reports that this file is safe.
I updated the virus database an hour ago and it is still marking them as unsafe.
Virus signature database version 15798 (20170724)
You need to log in before you can comment on or make changes to this bug.