Phoenixcoin icon indicating copy to clipboard operation
Phoenixcoin copied to clipboard

Published 20 hours ago verified publisher icon ghostlander

NOD32 claims to have detected a trojan (Generik.NBQFSEX) in version 0.6.6.1

Open Samhayne opened this issue 7 years ago • 13 comments

Hi,

I'm super-sure it's just a false alarm but I wanted to make you aware of it anyway. Since today NOD32 keeps quarantining my phoenixcoin wallet exe and I had to put it into the exclude list.

image

Samhayne avatar Sep 21 '17 06:09 Samhayne

I'm not surprised. The wallet may use CPUminer which they have blacklisted for years.

ghostlander avatar Sep 21 '17 13:09 ghostlander

Any word from the developers on this? My old pxc wallet scans fine. Trying to get an updated version from phoenixcoin.org leads to trojan alerts.

astr1al avatar Dec 04 '17 17:12 astr1al

How am I supposed to fight those false positives? They flag whatever they like for no real reason.

ghostlander avatar Dec 05 '17 22:12 ghostlander

The alerts might not be false. Compile the wallet from source.

tomasbrod avatar Dec 07 '17 09:12 tomasbrod

Perhaps Samhayne should contact ESET Canada, and pass on the binary, to check they have been false positive someones binary.

ESET Canada Sales & Marketing Office 181 Bay Street, Suite 3620 Toronto, ON M5J 2T3 Web: www.eset.com/ca Partner Support

To purchase ESET products and services, inquire about renewals or for assistance with credit card and other payments:

Email: [email protected] Call: +1 (416) 637-1470 (English/French support) Toll Free: +1 (844) 423-3738 (English/French support) Available Monday-Friday, 9:00am - 5:00pm EST/EDT [Toronto]

For post-sales support, including technical support: Call: +1 (844) 423-3738

wrapperband avatar Dec 07 '17 11:12 wrapperband

Might not be false? The binaries are hosted by GitHub. No one except me has upload rights. I don't do trojans.

By the way, most of those ignorant AVs report it a Bitcoin miner. Of course it can do some CPU mining, but not Bitcoin and not without user consent.

ghostlander avatar Dec 07 '17 13:12 ghostlander

It's not Report to a miner, it's report to a trojan ! I have 20 wallet (with half is include with a miner), and i haven't have report in any AV. I'm suspicious from this file. Can you add a realease whithout CPUminer ? Thx

pxctrojan

Sigri44 avatar Jan 07 '18 08:01 Sigri44

Doesn't matter. They don't like it anyway thinking it's an IRC bot. The wallet uses IRC for peer discovery only, but they don't seem to care.

ghostlander avatar Jan 07 '18 13:01 ghostlander

Same problem here on W10. It's a shame it's not being fixed. I'll try to run the wallet on a Virtual Machine in the meantime.

seiferflo avatar May 14 '18 15:05 seiferflo

Use Phoenixcoin Lite if there are problems with your anti-virus software.

ghostlander avatar May 15 '18 11:05 ghostlander

delete Same same... but different trojan

seiferflo avatar May 17 '18 20:05 seiferflo

VirusTotal 3/65

ghostlander avatar May 17 '18 23:05 ghostlander

I'm using it on a Linux inside a Virtual Machine. Works fine.

seiferflo avatar May 18 '18 17:05 seiferflo