Title: Question to the developer - is the new 3.3.3 version safe? Post by: OfionZ on January 26, 2019, 06:11:27 AM Hello :)
Why VirusTotal shows so many viruses in the new (3.3.3) version. With the new version, everything is fine? VirusTotal: Trojan[Backdoor]/MSIL.SpyGate Trojan.Agent Trojan.Agent.bphf Trojan.Agent!jKOS93FSwZw Check it yourself, I can not attach a screenshot (forum restriction) Please do not throw stones at me ;D (if I'm wrong), and help with the answer Thanks in advance for the answer Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: nc50lc on January 26, 2019, 06:24:02 AM Where did you get that version of Electrum?
Make sure that the URL has the correct domain and extension; it should be electrum.org (http://electrum.org), not (dot)com or (dot)cf or anything. I'm currently downloading the latest version from the official site to check this myself. I'll edit this later. -edit- My AV can't seem to find any Viruses in the Latest Version, it should be safe as long as it came from the official site (at least for Windows version). If you've downloaded this version from a link on an error message (https://bitcointalk.org/index.php?topic=5090097.0), move your funds to a safe newly created wallet in a different PC installed with the original Electrum immediately! VirusTotal's scan result: VirusTotalURL=https://download.electrum.org/3.3.3/electrum-3.3.3-setup.exe (https://www.virustotal.com/#/url/4b44a67fbc17b620415c333310a0e5fe6c8599d68a0edc456ed17b8b5fb4417a/detection) Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: OfionZ on January 26, 2019, 08:59:46 AM Where did you get that version of Electrum? https://electrum.org/#download - The site is correct, I use bookmarks and always check the correctness (+ certificate) - I checked PGP everything is fine with that. Quote VirusTotal's scan result: VirusTotalURL=https[Suspicious link removed] I checked another way on VirusTotal: You have inserted a download link in Virustotal: https[Suspicious link removed] and your way - everything is clean -------------------------------------------------------------------------------------------------- I downloaded Electrum on my computer and without opening went to the site VirusTotal and downloaded the installation file Electrum there. -------------------------------------------------------------------------------------------------- Electrum Portable: https://www.virustotal.com/#/file/09e877b25a518eba9c4b2b874f4af980f577764065e841e9066c15d7e802610a/detection already there the comment is not from me and: Trojan[Backdoor]/MSIL.SpyGate Trojan.Agent Trojan.Agent.bphf Trojan.Agent!jKOS93FSwZw electrum-3.3.3-setup.exe https://www.virustotal.com/#/file/9b04b1b2ddfab519b0164f08d2cd35cec04b15526184a0fa78214e96d86a8260/detection Trojan[Backdoor]/MSIL.SpyGate Trojan.Agent Malware.Heuristic.MLite(100%) (AI-LITE:NmNSvIy+dMCf6QUCQvBa/A) Trojan.Agent!jKOS93FSwZw already there the comment is not from me I asked a friend to download from the official site Electrum and also to check. He has the same thing = also shows viruses Check in the same way (download the file) and send it to check for VirusTotal Developer give the answer. Everything is fine with this, or something is wrong. It's safe? Can you explain why these viruses are not harmful? [/color] Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: nc50lc on January 26, 2019, 09:40:58 AM I asked a friend to download from the official site Electrum and also to check. He has the same thing = also shows viruses Does your friend often exchanges files with you? Do you have an antivirus installed? AFAIK, that virus was known to immediately infect every .exe files in the system.There's a chance that you and your friend's PC are both already compromised before, and that detection/infection didn't originated from the downloaded Electrum executable. Try to upload to VT a file (any .exe file in your system), if it's positive, your system was compromised through other means. Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: OfionZ on January 26, 2019, 09:53:47 AM Download the Electrum file to your computer, and then send it to VirusTotal, send a link here.
I have a license ESET SMART INTERNET SECURITY. Again, antivirus is not a panacea = I agree Listen, you do (please do) as I say: - download any version Electrum on your "Clean PC" - upload this fail to VirusTotal - send a link here And keep telling me about the viral comp, the viral comp of my friend, etc... Do so please. And then write your arguments. Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: OfionZ on January 26, 2019, 10:38:59 AM If you still think the installer contain virus, you should compile from the source code by yourself (assuming you trust the developer/website don't put any backdoor) I don't even understand how this is done. I just need answers. Are these viruses harmless? I also checked the signatures - I, too, all agree, I downloaded what gives the official website Electrum Who can answer, I need Windows users. Or maybe the moderator of this topic will give an answer. Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: tema on January 26, 2019, 01:04:01 PM Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: Lucius on January 26, 2019, 01:45:23 PM I don't even understand how this is done. I just need answers. Are these viruses harmless? The big probability is that it's about false positive detection by some antivirus engines, and this is not anything that has not happened before. Actually there are no viruses in Electrum files, there are some files that are detected as viruses/malware. After some time those AV will update their definitions and that will fix problem with false positive detection. It seems that the problem may be in PyInstaller 3.4 which is used in version 3.3.x+, and some users explain that this is why some AV gives those warnings. I personally would not be worried too much about it, but if you want more secure way to handling you coins think about hardware wallets. https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953 https://github.com/spesmilo/electrum/issues/3198 Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: TryNinja on January 26, 2019, 01:45:35 PM It’s an false positive. This happens with most (if not all) versions of Electrum.
Who cares about those 4 random anti-virus anyways? Notice how any major anti-virus says the file is clean. It’s harmless. Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: OfionZ on January 26, 2019, 03:01:26 PM Lucius
Thank you very much for the help, for the links. TryNinja Thank you. Thank you, well, I also thought that everything was fine. Just the first time I downloaded Electrum (I have never used it) and then immediately such "problems"... ETFBitcoin, tema Thanks for doing as I asked. I could not agree in this situation - that the fault is my computer GL ;) Title: Re: Question to the developer - is the new 3.3.3 version safe? Post by: Rayser on January 29, 2019, 07:32:39 AM Did you verify the PGP signature? If so, go on.
|