Topic: AVG Antivirus finds a new Generic24.BZCM signature (Read 1320 times)

full member
Activity: 126
Merit: 101
September 13, 2011, 02:15:20 PM
#6
I just updated AVG and scanned.  It no longer finds a problem.  They must have fixed it...
sr. member
Activity: 438
Merit: 291

Also not sure if others saw this too, but my wallet became corrupted. I guess this was because AVG halted the process in the middle of it doing something?

Luckily I had a backup and only 0.5 BTC in it anyway and downloaded a fresh blockchain and ran with -rescan and all looks fine.

sr. member
Activity: 438
Merit: 291
I have reported to AVG.

Bet it would help if lots of people did.

Instructions are at:
http://forums.avg.com/ww-en/avg-forums?sec=thread&act=show&id=395
sr. member
Activity: 438
Merit: 291

Yes getting issue too. Will report to AVG.

What you see is:


I checked the sha1 of the binary (using http://support.microsoft.com/kb/841290) and is:


I also redownloaded the binary from:
http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.24/

and the SHA1 of the binary in this package matches the one above and the SHA1 of the zip matches the SHA1 in the signed txt file on sourceforge (can someone just double-check that the signature below is valid? As I do not have a good public key for it).

Conclusion is that AVG is wrong (once someone checks the signature below).


To work around the issue:
Open the AVG app by double-clicking on the icon in the tray.
Double-click on Resident Shield.
Click on Manage Exceptions.
Select the bitcoin binary.

THIS IS DANGEROUS as I do not know if AVG will spot if you change the binary to a different one that is infected?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

4909c17a1cc025c6f6c88d036f0b487c51c510f6  bitcoin-0.3.24-linux.tar.gz
fed0afebe0b0c0f77a637600ac4abecbe5d098ed  bitcoin-0.3.24-macosx.zip
58531249230f769fdc755822b41e0f18ba59512c  bitcoin-0.3.24-src.tar.gz
d4b5425eff673551a326d5326b92a06359dc1a3d  bitcoin-0.3.24-win32-setup.exe
520aed70ee28a0a91ed49dd983639cb1fab2a93c  bitcoin-0.3.24-win32.zip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
=aMy0
-----END PGP SIGNATURE-----
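
Added example (not part of the thread and not code from the Bitcoin project): one way to do the check described in the post above, comparing a download's SHA-1 against the list inside a clearsigned message while ignoring any line that sits outside the signed body. It assumes the signature has already been verified with `gpg --verify` against a key you trust, which this code does not do; the `example-*` file names and their contents are constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

BEGIN = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG = "-----BEGIN PGP SIGNATURE-----"
ENTRY = re.compile(r"^([0-9a-f]{40})  (\S+)$")   # "<sha1>  <filename>" as in the post

def signed_entries(clearsigned):
    """Map filename -> SHA-1 for entries inside the signed body only."""
    lines = clearsigned.splitlines()
    # The blank line after BEGIN ends the "Hash:" headers; the body follows it.
    body = lines.index("", lines.index(BEGIN)) + 1
    end = lines.index(SIG, body)          # ValueError if the framing is missing
    found = (ENTRY.match(line) for line in lines[body:end])
    return {m.group(2): m.group(1) for m in found if m}

def sha1_of(path):
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def check_download(path, clearsigned):
    expected = signed_entries(clearsigned).get(Path(path).name)
    if expected is None:
        return "not-listed"               # nothing signed vouches for this file
    return "match" if sha1_of(path) == expected else "MISMATCH"

def demo():
    """Constructed sample: a listed file, a swapped file, and an unsigned entry."""
    good, evil = b"constructed release archive", b"constructed swapped archive"
    manifest = "\n".join([
        BEGIN, "Hash: SHA1", "",
        hashlib.sha1(good).hexdigest() + "  example-win32.zip",
        SIG, "(signature data omitted)", "-----END PGP SIGNATURE-----",
        hashlib.sha1(evil).hexdigest() + "  example-setup.exe",  # after the signature: unsigned
    ])
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in [("example-win32.zip", good),
                           ("example-win32.zip", evil), ("example-setup.exe", evil)]:
            (Path(tmp) / name).write_bytes(data)
            results.append(check_download(Path(tmp) / name, manifest))
    return results

if __name__ == "__main__":
    print(demo())
```

A file that is "not-listed" has no signed hash to compare against, which is the situation of the unpacked bitcoin.exe here: only the archives and the installer appear in the signed list.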
legendary
Activity: 1666
Merit: 1057
Marketing manager - GO MP
Code:
VirSCAN.org Scanned Report :
Scanned time   : 2011/09/13 03:51:53 (CEST)
Scanner results: 3% Scanner(s) (1/37) found malware!
File Name      : bitcoin.exe
File Size      : 10949632 byte
File Type      : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5            : 80a9fdb41380a8e24f5aaff42a8c6e7d
SHA1           : 5fcef94ff6ba494e1e98cf47736473663733272e
Online report  : http://r.virscan.org/bd8eee25fef51709166d4016a234c6b0

Scanner        Engine Ver      Sig Ver           Sig Date    Time   Scan result
a-squared      5.1.0.3         20110913020625    2011-09-13  0.97   -
AhnLab V3      2011.09.12.01   2011.09.12        2011-09-12  2.18   -
AntiVir        8.2.6.60        7.11.14.180       2011-09-12  0.28   -
Antiy          2.0.18          20110913.12455110 2011-09-13  0.02   -
Arcavir        2011            201109061639      2011-09-06  2.46   -
Authentium     5.1.1           201109121948      2011-09-12  1.78   -
AVAST!         4.7.4           110912-1          2011-09-12  0.95   -
AVG            8.5.850         271.1.1/3893      2011-09-13  0.23   Generic24.BZCM
BitDefender    7.90123.9106139 7.38995           2011-09-13  4.45   -
ClamAV         0.97.1          13601             2011-09-12  1.44   -
Comodo         5.1             10092             2011-09-12  2.01   -
CP Secure      1.3.0.5         2011.09.12        2011-09-12  0.00   -
Dr.Web         5.0.2.3300      2011.09.13        2011-09-13  17.41  -
F-Prot         4.6.2.117       20110912          2011-09-12  1.16   -
F-Secure       7.02.73807      2011.09.12.05     2011-09-12  0.26   -
Fortinet       4.2.257         14.123            2011-09-12  0.10   -
GData          22.1993         20110913          2011-09-13  0.11   -
ViRobot        20110910        2011.09.10        2011-09-10  0.34   -
Ikarus         T3.1.32.20.0    2011.09.13.79347  2011-09-13  5.19   -
JiangMin       13.0.900        2011.09.12        2011-09-12  1.62   -
Kaspersky      5.5.10          2011.09.12        2011-09-12  0.11   -
KingSoft       2009.2.5.15     2011.9.13.9       2011-09-13  0.91   -
McAfee         5400.1158       6467              2011-09-12  10.35  -
Microsoft      1.7604          2011.09.13        2011-09-13  6.05   -
NOD32          3.0.21          6451              2011-09-09  0.76   -
Norman         6.07.11         6.07.00           2011-09-12  16.02  -
Panda          9.05.01         2011.09.12        2011-09-12  3.40   -
Trend Micro    9.500-1005      8.422.13          2011-09-12  1.04   -
Quick Heal     11.00           2011.09.12        2011-09-12  5.95   -
Rising         20.0            23.74.03.03       2011-09-08  2.92   -
Sophos         3.23.2          4.69              2011-09-13  5.38   -
Sunbelt        3.9.2500.2      10457             2011-09-12  3.17   -
Symantec       1.3.0.24        20110912.003      2011-09-12  0.24   -
nProtect       20110912.01     12716439          2011-09-12  2.51   -
The Hacker     6.7.0.1         v00293            2011-09-10  0.66   -
VBA32          3.12.16.4       20110912.0737     2011-09-12  6.32   -
VirusBuster    5.3.0.4         14.0.209.0/6121428 2011-09-12  0.00   -

This is annoying. Can we get AVG to be more precise in their tests?

Also please validate the correctness of the hashes just in case; who knows, I might have a wallet stealer who specifically infests only the bitcoin binary ;)