SABnzbd Forums

Als ik de nieuwe versie SABnzbd 3.2.0 download word die er direct terug afgegooid door mijn Norton virusscanner, er word ook een bestand dat met de download in appdata word geplaatst verwijderd, ik vind dat wel verdacht want dat is toch niet normaal of wel?
Ik ken niet zoveel van PC daarom de vraag of dit wel veilig is om te instaleren ?

Groeten,
bird.

Zie https://www.virustotal.com/gui/url/1477 ... /detection


Dus: 78 virusscanners vinden sab 3.2.0 clean. Geen enkele zegt onveilig.

Dus: update je Norton. Als Norton het nog steeds onveilig vindt ... wacht een week, en herhaal: update je Norton, etc. Zodra Norton het veilig vindt, installeren.

En/of dien een klacht in bij Norton, met verwijzing naar de URL die ik je gaf.

Dank u wel, dat is duidelijk.

Ik heb toch nog een online scan gedaan en ben nog niet overtuigd dat het veilig is

bird wrote: ↑February 26th, 2021, 11:09 am Ik heb toch nog een online scan gedaan en ben nog niet overtuigd dat het veilig is

Ok, prima. Het gaat erom wat jij ervan vindt. Niet wat 78 virusscanners ervan vinden.

It really doesn't matter that 78 mark it as safe, installing a downloaded application marked as potentially infected by 5 engines is just bad opsec. New viruses initially don't register with any scan engines until the signatures are isolated and distributed, so these 5 engines could be the first 5 to recognize a new virus, or the last 5 to clear a false positive. Without fully understanding why they are alerting on the file installing it is a risk.

Feel free to check the source and compiling process, everything is on Github fully transparent.
There's no virus in there.

I believe you mate, this isn't the only most-likely clean code I'm having this issue with, but reading source code and examining the compiling process is not one of my skill sets. Code on Github has been compromised in the past on many occasions and in light of recent supply-chain compromises the results from scanners like VirusTotal are all people like me have to rely on. No worries - I'll keep submitting it to VT until it is clean.

Sushimann wrote: ↑February 28th, 2021, 1:08 pm No worries - I'll keep submitting it to VT until it is clean.

What is not clean then for https://www.virustotal.com/gui/url/1477 ... /detection ?
I count 78 Clean, 6 Unrated, 0 not clean.

So ... ?

If you want to wait until the Unrated are gone, ... good luck with what : even for 3.1.1 (released Nov 2020, so a few months) , 7 are Unrated. See https://www.virustotal.com/gui/url/9c15 ... /detection

So @Sushimann ... which version of SABnzbd do you use?

Interesting - that is definitely not what I'm seeing. I wouldn't worry about unrated - when I uploaded the file I had 5 detections. I can't post a link (new user) but look up this hash on VirusTotal: 9a9244a78fac5e23e0424669f3b8730aefe76ddee1fe318349e3cede313db4e2

sabnzdb.exe (3.2.0) gives 12 issues on virustotal.
https://www.virustotal.com/gui/file/521 ... /detection

Those are just general detections that trigger on PyInstaller packages.. They would even trigger on a hello world application.

Is the sabnzbd,exe a PyInstaller package ? Is it not an Py2exe ?

PyInstaller indeed, since Python 3.