Re: [psiphon3-developers] Re: Malware alert: pisphone3.exe

10546 views
Skip to first unread message

Adam Kruger

unread,
Oct 9, 2013, 2:46:33 PM10/9/13
to psiphon3-...@googlegroups.com, psip...@googlegroups.com, psiphon...@googlegroups.com
Hi.  The best way to verify the authenticity of your psiphon3 executable is to check its digital signature, as described here: https://s3.amazonaws.com/57wj-4j1q-wa7e/en.html#is_my_psiphon_3_for_windows_authentic

If your executable is authentic, it is possible that your antivirus signature database is out of date.  You should check Avast for updates.

Please let us know what you find.

Thanks.



On Wed, Oct 9, 2013 at 2:36 PM, Arman <reg.t...@hotmail.com> wrote:
Avast anti-virus detects the original psiphon3.exe  as a threat:
SUSPICIOUS FILE BLOCKED
avast File System Shield has blocked a threat.
No further action is required.
Infection: Win32:Evo-gen [Susp]
Action: Moved to chest

Why is it like that? Is it really a threat? If not why avast recognizes it as a threat?

 
On Friday, June 28, 2013 7:44:46 PM UTC+3:30, Psiphon Info wrote:
The Psiphon Team has discovered a specific instance of malware disguised as a Psiphon 3 Windows executable. The malware is being distributed as a zip file named "pisphone3.zip" on www.copy.com and may be available from other sources. The zip file contains a malicious binary named "pisphone3.exe" with the properties described at Virus Total. Note the misspelling of the name. This Windows executable is not digitially signed by Psiphon Inc. Never run a fresh download of Psiphon without checking its digital signature, as described here.

--
You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.
To post to this group, send email to psiphon3-...@googlegroups.com.
Visit this group at http://groups.google.com/group/psiphon3-developers.
For more options, visit https://groups.google.com/groups/opt_out.

Reply all
Reply to author
Forward
0 new messages