Closed Bug 353195 Opened 19 years ago Closed 19 years ago

xpicleanup.exe reported as trojan

Categories

(Firefox Build System :: General, defect)

x86
Windows XP
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: rh59er, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20060917 BonEcho/2.0 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20060917 BonEcho/2.0 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20060917 BonEcho/2.0 - Build ID: 2006091703 nightly build. Trojan detected in xpicleanup.exe AVG Free found Trojan horse PSW.Generic2.ILX in C:\Program Files\Firefox\xpicleanup.exe Running on 2 machines. Replicated itself 18 times on one machine and 36 times on my main machine as a numbered .exe file residing in C:\Program Files\Firefox\xpicleanup.exe Reproducible: Always Actual Results: AVG Free detected and 'healed'. Just downloaded, but not umpacked latest nightly zip /pub/mozilla.org/firefox/tinderbox-builds/pacifica-vm-mozilla1.8 AVG found 1 infected file.
This is probably just a false positive, and I can't coerce any information out of Google or the AVG website.
Bon Echo just updated itself and I got another warning from AVG. Same file.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20060917 BonEcho/2.0 I get also every day a virus warning, but in my case the antivirus software sees a virus signature in urlclassifier2.sqlite in my branch profile. Every day a new fresh virus, generated by Firefox seems plain nonsense to me.
The trojan report is bogus. The xpicleanup.exe file from the 20060916 and 0918 builds are identical in size, and differ by only a single byte (cmp says at char 249, line 2). Builds are also virus scanned automatically. Please tell AVG that they are making false reports.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
the urlclassifier2.sqlite report in comment 3 might be related to https://bugzilla.mozilla.org/show_bug.cgi?id=329715 try removing the file and see if the reports go away.
I sent a request to http://www.grisoft.com/doc/28637/lng/us/tpl/tpl01 to have the signature that AVG Free is detecting in xpicleanup.exe removed as a false postitive, or provide us with more details on any possible problem.
cool! good work.
Component: Build Config → General
Product: Firefox → Firefox Build System
You need to log in before you can comment on or make changes to this bug.