NOD32 detects new heur_pe in Bitcoin

[giik]

Using hitman pro, the anti-virus tool detected a new heur_pe threat in Bitcoin. Is it possible that Bitcoin contains code of worms/trojans? Or is this a false positve.

Code:

bitcoin.exe
C:\Program Files (x86)\Bitcoin\

probably unknown NewHEUR_PE virus

[1714004038]

1714004038

[1714004038]

1714004038

[BitcoinFX]

I'm 100% certain that it is a 'false positive' NewHEUR_PE is a 'Heur'istic-based detection.

See: http://www.eset.com/threat-center/encyclopedia/glossary/newheurpe

I will repeat part of a previous post.

Let me explain further. Bitcoin is not a virus. What you have experienced is know as an anti-virus 'false positive' identification.

See: http://wikipedia.org/wiki/Antivirus_software#False_positives "A false positive is identifying a file as a virus when it is not a virus."

This often happens with 'new' software because anti-virus programs have never seen the program before. Anti-virus programs use Heuristic-based detection to try and identify unknown viruses, they basically guess if a program is malicious or not to try and 'protect' your PC.

Anti-virus programs are somewhat simple in this respect, however they must enforce an "It's better to be safe than sorry" policy to secure their customer base.

Maybe one day they will accept Bitcoins as payment for their products.

I'm going to send a copy of the Bitcoin.exe installers to as many security, anti-adware, anti-malware and anti-virus companies as I can find, for clarification.

This will make sure that Bitcoin is put on their 'allowed' list more quickly and will reduce the number of confused new users.

[BitcoinFX]

OK I have sent it to:

Jotti online file scanning service at http://virusscan.jotti.org/ - All participating AVs will get a copy

VirusTotal online file scanning service at http://www.virustotal.com/ - All participating AVs will get a copy

Also, Ad-aware ThreatWork and some other online scanners.

I don't expect them to report any real problems. However, this will help to get Bitcoin added to their users 'allowed' lists more quickly.

http://virusscan.jotti.org/en/scanresult/965fa033015c3f5be619dbe58dc5706dbde9fdec/2e346be0ba06c1c9a36b00705b92cd34f7d37893

https://www.virustotal.com/analisis/8fd5fefced48112b03e9683c52a62daac0b2e007a0a83dc4dd9b856d3dfbe487-1266194710

OK. All 'false positives' as far as I can gather !

[giik]

I thought so, but my boss wasn't so pleased to find out I had a "virus" on my computer. I will add the software to the "identify this as allowed software" list.

[bitcoinex]

Problem still exists and it frightens users.

[nelisky]

We all want / expect bitcoin to be viral, so let me fix this for you:

There is no bad virus inside bitcoin.

Or should we just state that bitcoin is the virus instead?

[nelisky]

Or should we just state that bitcoin is the virus instead?

That should be sufficiently confusing to still scare the average person. I think we should stay away from that.

Either your irony skills are much better than mine, or my irony skills suck to the point of them going unnoticed...

[bitcoinex]

You can see the code in sourceforge and compile that same code yourself, creating the same .exe files. There is no virus inside bitcoin.

Might be worth something to change in the official build?