Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NOD32 claims to have detected a trojan (Generik.NBQFSEX) in version 0.6.6.1 #4

Open
Samhayne opened this issue Sep 21, 2017 · 13 comments
Open

NOD32 claims to have detected a trojan (Generik.NBQFSEX) in version 0.6.6.1 #4

Samhayne opened this issue Sep 21, 2017 · 13 comments

Comments

@Samhayne
Copy link

Hi,

I'm super-sure it's just a false alarm but I wanted to make you aware of it anyway.
Since today NOD32 keeps quarantining my phoenixcoin wallet exe and I had to put it into the exclude list.

image
@ghostlander
Copy link
Owner

I'm not surprised. The wallet may use CPUminer which they have blacklisted for years.

@astr1al
Copy link

astr1al commented Dec 4, 2017

Any word from the developers on this? My old pxc wallet scans fine. Trying to get an updated version from phoenixcoin.org leads to trojan alerts.

@ghostlander
Copy link
Owner

How am I supposed to fight those false positives? They flag whatever they like for no real reason.

@tomasbrod
Copy link

The alerts might not be false. Compile the wallet from source.

@wrapperband
Copy link

Perhaps Samhayne should contact ESET Canada, and pass on the binary, to check they have been false positive someones binary.

ESET Canada Sales & Marketing Office
181 Bay Street, Suite 3620
Toronto, ON M5J 2T3
Web: www.eset.com/ca
Partner Support

To purchase ESET products and services, inquire about renewals or for assistance with credit card and other payments:

Email: salescanada@eset.ca
Call: +1 (416) 637-1470 (English/French support)
Toll Free: +1 (844) 423-3738 (English/French support)
Available Monday-Friday, 9:00am - 5:00pm EST/EDT [Toronto]

For post-sales support, including technical support:
Call: +1 (844) 423-3738

@ghostlander
Copy link
Owner

ghostlander commented Dec 7, 2017
edited
Loading

Might not be false? The binaries are hosted by GitHub. No one except me has upload rights. I don't do trojans.

By the way, most of those ignorant AVs report it a Bitcoin miner. Of course it can do some CPU mining, but not Bitcoin and not without user consent.

@Sigri44
Copy link

Sigri44 commented Jan 7, 2018

It's not Report to a miner, it's report to a trojan ! I have 20 wallet (with half is include with a miner), and i haven't have report in any AV. I'm suspicious from this file. Can you add a realease whithout CPUminer ? Thx

pxctrojan

@ghostlander
Copy link
Owner

Doesn't matter. They don't like it anyway thinking it's an IRC bot. The wallet uses IRC for peer discovery only, but they don't seem to care.

@seiferflo
Copy link

Same problem here on W10. It's a shame it's not being fixed. I'll try to run the wallet on a Virtual Machine in the meantime.

@ghostlander
Copy link
Owner

Use Phoenixcoin Lite if there are problems with your anti-virus software.

@seiferflo
Copy link

seiferflo commented May 17, 2018
edited
Loading

delete
Same same... but different trojan

@ghostlander
Copy link
Owner

VirusTotal 3/65

@seiferflo
Copy link

I'm using it on a Linux inside a Virtual Machine. Works fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@wrapperband @ghostlander @Samhayne @astr1al @Sigri44 @seiferflo @tomasbrod