|
Title: NOD32 detects new heur_pe in Bitcoin Post by: giik on February 15, 2010, 03:52:43 PM Using hitman pro, the anti-virus tool detected a new heur_pe threat in Bitcoin. Is it possible that Bitcoin contains code of worms/trojans? Or is this a false positve.
Code: bitcoin.exe Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: BitcoinFX on February 15, 2010, 04:58:02 PM I'm 100% certain that it is a 'false positive' NewHEUR_PE is a 'Heur'istic-based detection.
See: http://www.eset.com/threat-center/encyclopedia/glossary/newheurpe I will repeat part of a previous post. Let me explain further. Bitcoin is not a virus. What you have experienced is know as an anti-virus 'false positive' identification. See: http://wikipedia.org/wiki/Antivirus_software#False_positives "A false positive is identifying a file as a virus when it is not a virus." This often happens with 'new' software because anti-virus programs have never seen the program before. Anti-virus programs use Heuristic-based detection to try and identify unknown viruses, they basically guess if a program is malicious or not to try and 'protect' your PC. Anti-virus programs are somewhat simple in this respect, however they must enforce an "It's better to be safe than sorry" policy to secure their customer base. Maybe one day they will accept Bitcoins as payment for their products. ;D I'm going to send a copy of the Bitcoin.exe installers to as many security, anti-adware, anti-malware and anti-virus companies as I can find, for clarification. This will make sure that Bitcoin is put on their 'allowed' list more quickly and will reduce the number of confused new users. Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: BitcoinFX on February 15, 2010, 05:13:44 PM OK I have sent it to:
Jotti online file scanning service at http://virusscan.jotti.org/ - All participating AVs will get a copy VirusTotal online file scanning service at http://www.virustotal.com/ - All participating AVs will get a copy Also, Ad-aware ThreatWork and some other online scanners. I don't expect them to report any real problems. However, this will help to get Bitcoin added to their users 'allowed' lists more quickly. 8) http://virusscan.jotti.org/en/scanresult/965fa033015c3f5be619dbe58dc5706dbde9fdec/2e346be0ba06c1c9a36b00705b92cd34f7d37893 https://www.virustotal.com/analisis/8fd5fefced48112b03e9683c52a62daac0b2e007a0a83dc4dd9b856d3dfbe487-1266194710 OK. All 'false positives' as far as I can gather ! Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: giik on February 15, 2010, 07:20:32 PM I thought so, but my boss wasn't so pleased to find out I had a "virus" on my computer. I will add the software to the "identify this as allowed software" list.
Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: bitcoinex on November 26, 2010, 04:31:33 AM Problem still exists and it frightens users.
Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: nelisky on November 26, 2010, 03:21:07 PM We all want / expect bitcoin to be viral, so let me fix this for you:
There is no bad virus inside bitcoin. Or should we just state that bitcoin is the virus instead? :) Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: nelisky on November 26, 2010, 05:48:47 PM Or should we just state that bitcoin is the virus instead? :) That should be sufficiently confusing to still scare the average person. I think we should stay away from that. Either your irony skills are much better than mine, or my irony skills suck to the point of them going unnoticed... Title: Re: NOD32 detects new heur_pe in Bitcoin Post by: bitcoinex on December 05, 2010, 02:21:40 PM You can see the code in sourceforge and compile that same code yourself, creating the same .exe files. There is no virus inside bitcoin. Might be worth something to change in the official build? |