Bitcoin Forum
November 14, 2024, 01:42:24 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Question to the developer - is the new 3.3.3 version safe?  (Read 259 times)
OfionZ (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
January 26, 2019, 06:11:27 AM
 #1

Hello  Smiley

Why VirusTotal shows so many viruses in the new (3.3.3) version. With the new version, everything is fine?


VirusTotal:

Trojan[Backdoor]/MSIL.SpyGate
Trojan.Agent
Trojan.Agent.bphf
Trojan.Agent!jKOS93FSwZw



Check it yourself, I can not attach a screenshot (forum restriction)



Please do not throw stones at me  Grin (if I'm wrong), and help with the answer
Thanks in advance for the answer





nc50lc
Legendary
*
Offline Offline

Activity: 2590
Merit: 6393


Self-proclaimed Genius


View Profile
January 26, 2019, 06:24:02 AM
Last edit: January 26, 2019, 06:47:54 AM by nc50lc
 #2

Where did you get that version of Electrum?
Make sure that the URL has the correct domain and extension; it should be electrum.org, not (dot)com or (dot)cf or anything.

I'm currently downloading the latest version from the official site to check this myself. I'll edit this later.

-edit-
My AV can't seem to find any Viruses in the Latest Version, it should be safe as long as it came from the official site (at least for Windows version).
If you've downloaded this version from a link on an error message, move your funds to a safe newly created wallet in a different PC installed with the original Electrum immediately!

VirusTotal's scan result: VirusTotalURL=https://download.electrum.org/3.3.3/electrum-3.3.3-setup.exe

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
OfionZ (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
January 26, 2019, 08:59:46 AM
 #3

Where did you get that version of Electrum?

https://electrum.org/#download

- The site is correct, I use bookmarks and always check the correctness (+ certificate)

- I checked PGP everything is fine with that.

Quote
VirusTotal's scan result: VirusTotalURL=https[Suspicious link removed]

I checked another way on VirusTotal:

You have inserted a download link in Virustotal: https[Suspicious link removed]

and your way - everything is clean

--------------------------------------------------------------------------------------------------

I downloaded Electrum on my computer and without opening went to the site VirusTotal and downloaded the installation file Electrum there.

--------------------------------------------------------------------------------------------------

Electrum Portable:

https://www.virustotal.com/#/file/09e877b25a518eba9c4b2b874f4af980f577764065e841e9066c15d7e802610a/detection

already there the comment is not from me

and:

Trojan[Backdoor]/MSIL.SpyGate
Trojan.Agent
Trojan.Agent.bphf
Trojan.Agent!jKOS93FSwZw



electrum-3.3.3-setup.exe

https://www.virustotal.com/#/file/9b04b1b2ddfab519b0164f08d2cd35cec04b15526184a0fa78214e96d86a8260/detection

Trojan[Backdoor]/MSIL.SpyGate
Trojan.Agent
Malware.Heuristic.MLite(100%) (AI-LITE:NmNSvIy+dMCf6QUCQvBa/A)
Trojan.Agent!jKOS93FSwZw


already there the comment is not from me

I asked a friend to download from the official site Electrum and also to check. He has the same thing = also shows viruses


Check in the same way (download the file) and send it to check for VirusTotal

Developer give the answer. Everything is fine with this, or something is wrong. It's safe? Can you explain why these viruses are not harmful?
[/color]

nc50lc
Legendary
*
Offline Offline

Activity: 2590
Merit: 6393


Self-proclaimed Genius


View Profile
January 26, 2019, 09:40:58 AM
 #4

I asked a friend to download from the official site Electrum and also to check. He has the same thing = also shows viruses
Does your friend often exchanges files with you? Do you have an antivirus installed? AFAIK, that virus was known to immediately infect every .exe files in the system.

There's a chance that you and your friend's PC are both already compromised before, and that detection/infection didn't originated from the downloaded Electrum executable.
Try to upload to VT a file (any .exe file in your system), if it's positive, your system was compromised through other means.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
OfionZ (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
January 26, 2019, 09:53:47 AM
 #5

Download the Electrum file to your computer, and then send it to VirusTotal, send a link here.


I have a license ESET SMART INTERNET SECURITY. Again, antivirus is not a panacea = I agree


Listen, you do (please do) as I say:

- download any version Electrum on your "Clean PC"

- upload this fail to VirusTotal

- send a link here

And keep telling me about the viral comp, the viral comp of my friend, etc...

Do so please. And then write your arguments.

OfionZ (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
January 26, 2019, 10:38:59 AM
 #6

If you still think the installer contain virus, you should compile from the source code by yourself (assuming you trust the developer/website don't put any backdoor)


I don't even understand how this is done.

I just need answers. Are these viruses harmless?

I also checked the signatures - I, too, all agree, I downloaded what gives the official website Electrum

Who can answer, I need Windows users.

Or maybe the moderator of this topic will give an answer.



tema
Hero Member
*****
Offline Offline

Activity: 715
Merit: 500



View Profile WWW
January 26, 2019, 01:04:01 PM
 #7

 same here on portable version


✔ Freedom ✔ Reliability ✔ Global accessibility BITCOIN ✔ Trust and Integrity ✔ Independence
Lucius
Legendary
*
Offline Offline

Activity: 3430
Merit: 6151


Crypto Swap Exchange🈺


View Profile WWW
January 26, 2019, 01:45:23 PM
Merited by ABCbits (1)
 #8

I don't even understand how this is done.
I just need answers. Are these viruses harmless?

The big probability is that it's about false positive detection by some antivirus engines, and this is not anything that has not happened before. Actually there are no viruses in Electrum files, there are some files that are detected as viruses/malware. After some time those AV will update their definitions and that will fix problem with false positive detection.

It seems that the problem may be in PyInstaller 3.4 which is used in version 3.3.x+, and some users explain that this is why some AV gives those warnings. I personally would not be worried too much about it, but if you want more secure way to handling you coins think about hardware wallets.

https://github.com/spesmilo/electrum/issues/4986#issuecomment-451385953

https://github.com/spesmilo/electrum/issues/3198

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
TryNinja
Legendary
*
Offline Offline

Activity: 3024
Merit: 7442


Top Crypto Casino


View Profile WWW
January 26, 2019, 01:45:35 PM
 #9

It’s an false positive. This happens with most (if not all) versions of Electrum.

Who cares about those 4 random anti-virus anyways? Notice how any major anti-virus says the file is clean. It’s harmless.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
OfionZ (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
January 26, 2019, 03:01:26 PM
 #10

Lucius

Thank you very much for the help, for the links.


TryNinja

Thank you.

Thank you, well, I also thought that everything was fine. Just the first time I downloaded Electrum (I have never used it) and then immediately such "problems"...


ETFBitcoin, tema

Thanks for doing as I asked. I could not agree in this situation - that the fault is my computer


GL  Wink
Rayser
Newbie
*
Offline Offline

Activity: 28
Merit: 2


View Profile
January 29, 2019, 07:32:39 AM
 #11

Did you verify the PGP signature? If so, go on.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!