ChatGPT icon indicating copy to clipboard operation
ChatGPT copied to clipboard

Published 20 hours ago verified publisher icon lencx

[Security] Windows Defender detects ChatGPT.exe as a Trojan

Open acoudray opened this issue 2 years ago • 23 comments

Description

Windows Defender detects ChatGPT.exe as a Trojan. Happened today before updating, v0.10.3 image

Motivation

No response

Alternatives

No response

Additional context

No response

acoudray avatar Feb 18 '23 09:02 acoudray

Me too, just now !

DeveloCraft avatar Feb 18 '23 09:02 DeveloCraft

Same here image

DioVayne avatar Feb 18 '23 09:02 DioVayne

Same for me!

I then installed the latest version by downloading the release .exe again (0.11). That works fine.

LukaErnestini avatar Feb 18 '23 09:02 LukaErnestini

Same lol

Saya47 avatar Feb 18 '23 11:02 Saya47

++++

miztizm avatar Feb 18 '23 16:02 miztizm

I got the same thing. I updated to the latest version, and now it's "Malicious.moderate.ml.score" instead of the Malgent trojan.

Microsoft is the only one marking this as malware. https://www.virustotal.com/gui/file/471b3b4bd2c8739330d9a6405bf0289d5dc4a98d5b13b3cd40c667e43bd341e1/detection

shanedk avatar Feb 18 '23 17:02 shanedk

Same here

jonasmarco avatar Feb 19 '23 01:02 jonasmarco

I have reported this issue to Microsoft. https://aka.ms/AAjp4bx

yixinBC avatar Feb 19 '23 03:02 yixinBC

I don't think this virus is caused by Microsoft or a 3rd party reason. Considering the feedback sent to you and my use case on 2 different computers, I'm pretty sure this virus originated from you. I do not want to approach this situation from a biased point of view, so I would greatly appreciate it if you could explain the reasons that led me to this thought. image

I installed it on 2 different computers 1 week ago, 3 days apart, and after running the "ChatGPT.exe" file for a total of 24 hours, update notifications came to both computers. After the update process was completed, the file was automatically deleted because Microsoft found a virus. image

Now, the update process after 24 hours of use may be a coincidence, but the virus situation takes the matter to a very different point. This suggests that it could be more than just a coincidence. Currently, this is not an issue for someone who downloads and installs the app from GitHub.

In the first installation, everything works smoothly and there is no problem with the virus, why is there a virus warning after 24 hours of use?Also, please let's not limit this topic to just "Microsoft". You can understand more clearly when you scan your update file through "virustotal"

00xSky avatar Feb 19 '23 14:02 00xSky

Now I even get suspicious as to why it's taking such a long time to uninstall.

DioVayne avatar Feb 19 '23 14:02 DioVayne

Now I even get suspicious as to why it's taking such a long time to uninstall.

Sometimes uninstall a program from .msi installer is slow.I must point out that this is almost the common problem of this type of installation

yixinBC avatar Feb 19 '23 15:02 yixinBC

Me too. I installed this app by choco. Windows denfnder shows "Trojan:Win64/Malgent!MSR".

wanzhiyu avatar Feb 20 '23 05:02 wanzhiyu

Windows 11 has also reported this.

oriofdarkforest avatar Feb 20 '23 06:02 oriofdarkforest

Just now, I meet the same problem.

zhixiangjoy avatar Feb 20 '23 13:02 zhixiangjoy

If anyone still has the infected files after the update, can they share? I think the only evidence we can get an answer on this is the infected files.

00xSky avatar Feb 21 '23 07:02 00xSky

I also got this reports, i am sure this is from the softeare. could anyone explain the Trojan reports? this should not happend, if so we need report this situation to github.

mliyuanjie avatar Feb 21 '23 10:02 mliyuanjie

i'm guessing he's right lol image

tribixbite avatar Feb 21 '23 18:02 tribixbite

I also got this reports, i am sure this is from the softeare. could anyone explain the Trojan reports? this should not happend, if so we need report this situation to github.

Then, what happened with defender? It was a false positive?

ann7bel avatar Feb 24 '23 06:02 ann7bel

I've updated the readme. security agencies have now detected a trojan in the unknown download link.

🛑 URGENT NOTICE: A hacker has been found to take advantage of the heat of lencx/ChatGPT to plant a Trojan horse after the fork project and rebuild the installer. If you have friends around you who are using this desktop application, please remind them not to download unknown links freely. Now the project will remove other installation ways and only provide this download link https://github.com/lencx/ChatGPT/releases

🛑 紧急通知:目前发现有黑客利用 lencx/ChatGPT 的热度,在 fork 项目后植入木马,重新构建安装程序。如果你身边有朋友正在使用此桌面应用,请提醒 TA 们不要随意下载不明链接。现在项目将删除其他安装途径,仅提供此下载链接 https://github.com/lencx/ChatGPT/releases

lencx avatar Feb 25 '23 15:02 lencx

Now the project will remove other installation ways and only provide this download link lencx/ChatGPT/releases

I use winget to install this software. Can this ensure safety?

Ethkuil avatar Feb 25 '23 16:02 Ethkuil

I use winget to install this software. Can this ensure safety?

It is safe.

lencx avatar Feb 25 '23 16:02 lencx

My client is just downloaded from the release page. Someday Microsoft forced to delete it. Not the first day, but after I used it for about a week. It did not convince me.

oriofdarkforest avatar Feb 28 '23 06:02 oriofdarkforest

I use winget to install this software. Can this ensure safety?

It is safe.

Scoop ?

DemGiran avatar Mar 16 '23 06:03 DemGiran

Something about this whole repo screams spyware.

JiveyGuy avatar Jun 17 '23 09:06 JiveyGuy

I remeber a similar repo I was using before and there the same spyware / virus discussions came up. Not that this is just copy / paste from that same old haunted repository

mgarbade avatar Sep 06 '23 07:09 mgarbade