search

secondlife / jira-archive

2 stars 0 forks source link

[BUG-40899] Viewer 4.1.2.321604 infected #12510

Open sl-service-account opened 7 years ago

sl-service-account commented 7 years ago

Steps to Reproduce

  1. Install Viewer-4.1.2.321604
  2. Go to www.virustotal.com and chek .exe files from C:\Program Files (x86)\SecondLifeProjectVMP

Actual Behavior

apply_update.exe: Win32.Trojan.WisdomEyes.16070401.9500.9898, malicious_confidence_61% (D), trojan.win32.swrort.a, BehavesLike.Win32.MultiPlug.vc, HEUR/QVM10.1.0000.Malware.Gen; download_update.exe: Win32.Trojan.WisdomEyes.16070401.9500.9870, malicious_confidence_60% (D), trojan.win32.swrort.a, BehavesLike.Win32.MultiPlug.wc, HEUR/QVM10.1.0000.Malware.Gen; SL_Launcher.exe: trojan.win32.swrort.a, BehavesLike.Win32.Generic.wc, HEUR/QVM10.1.0000.Malware.Gen; slplugin.exe: W32.eHeur.Malware11, HEUR/QVM10.1.0000.Malware.Gen; update_manager.exe: Win32.Trojan.WisdomEyes.16070401.9500.9880, malicious_confidence_61% (D), trojan.win32.swrort.a, BehavesLike.Win32.MultiPlug.wc, HEUR/QVM10.1.0000.Malware.Gen; win_crash_logger.exe: HEUR/QVM10.1.0000.Malware.Gen

Expected Behavior

all .exe files are clear

Other information

Original Jira Fields | Field | Value | | ------------- | ------------- | | Issue | BUG-40899 | | Summary | Viewer 4.1.2.321604 infected | | Type | Bug | | Priority | Unset | | Status | Accepted | | Resolution | Accepted | | Reporter | AnnaT ProductEngine (annat.productengine) | | Created at | 2016-11-14T11:05:31Z | | Updated at | 2016-11-14T17:45:22Z | ``` { 'Business Unit': ['Platform'], 'Date of First Response': '2016-11-14T11:44:46.562-0600', 'ReOpened Count': 0.0, 'Severity': 'Unset', 'System': 'SL Viewer', 'Target Viewer Version': 'viewer-development', 'What just happened?': 'apply_update.exe: Win32.Trojan.WisdomEyes.16070401.9500.9898, malicious_confidence_61% (D), trojan.win32.swrort.a, BehavesLike.Win32.MultiPlug.vc, HEUR/QVM10.1.0000.Malware.Gen; \r\ndownload_update.exe: Win32.Trojan.WisdomEyes.16070401.9500.9870, malicious_confidence_60% (D), trojan.win32.swrort.a, BehavesLike.Win32.MultiPlug.wc, HEUR/QVM10.1.0000.Malware.Gen;\r\nSL_Launcher.exe: trojan.win32.swrort.a, BehavesLike.Win32.Generic.wc, HEUR/QVM10.1.0000.Malware.Gen;\r\nslplugin.exe: W32.eHeur.Malware11, HEUR/QVM10.1.0000.Malware.Gen; \r\nupdate_manager.exe: Win32.Trojan.WisdomEyes.16070401.9500.9880, malicious_confidence_61% (D), trojan.win32.swrort.a, BehavesLike.Win32.MultiPlug.wc, HEUR/QVM10.1.0000.Malware.Gen;\r\nwin_crash_logger.exe: HEUR/QVM10.1.0000.Malware.Gen', 'What were you doing when it happened?': '1. Install Viewer-4.1.2.321604\r\n2. Go to www.virustotal.com and chek .exe files from C:\\Program Files (x86)\\SecondLifeProjectVMP', 'What were you expecting to happen instead?': 'all .exe files are clear', } ```
sl-service-account commented 7 years ago

Kyle Linden commented at 2016-11-14T17:44:47Z

These are likely false positives for new exe files.