Opera installer (Opera_NI_stable.exe) v24.0.1558.64 detected as threat by ESET Endpoint Antivirus
-
finnoybu last edited by
Date Occurred 2014-10-08 15:46:07
Level Critical Warning
Scanner HTTP filter
Object file
Name http://net.geo.opera.com/opera/stable/windows?http_referrer=http://www.bing.com/search_q_download+opera_src_IE-TopResult_FORM_IE10TR&utm_source=bing_via_opera_com&utm_medium=ose&utm_campaign=bing_ose_via_opera_com&utm_term=download+opera
Threat a variant of Win32/NetInstaller.A potentially unwanted application
Information Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.VirusTotal results: https://www.virustotal.com/en/file/2ab2b753fd826263068f2610d3ebc902970057e3497c7afc855bf5df215b4d31/analysis/
-
blackbird71 last edited byIt sounds as if ESET needs to tweak NOD32's heuristics detector a bit, particularly in light of the reality that none of the other VirusTotal AV engines issued so much as a burp.
-
finnoybu last edited by
Indeed, blackbird. If anything, I posted this so people were aware of the potential false positive. The new signatures came out earlier today & we received notifications from a couple of machines that had the latest installer sitting in their downloads folder.
I've submitted the file to Eset for further analysis, along with a link to the VirusTotal report.
