Author

Topic: ADWARE/Adware.Gen7 Armory (Read 1078 times)

hero member
Activity: 714
Merit: 500
July 21, 2015, 03:57:33 AM
#5
Thanks for your suggestions.
I can't remember, if I checked the signature. It was ~ 6 months ago.
I just installed it, to take a look at it and than forgot about it. So, I think, I am gonna uninstall it(the version is most probably outdated anyways)
I was just wondering if Avira is Targeting Bitcoin Software on purpose, like they also did with cracks for games.
legendary
Activity: 3766
Merit: 1364
Armory Developer
July 20, 2015, 02:43:25 PM
#4
guardian.exe is a very simple piece of code, meant to kill bitcoind if Armory came to crash before gracefully closing the instance of Core it is managing. It is only used when auto bitcoind management is turned on, so if you don't trust the exe, turn off that setting and delete the binary entirely.

It is also very easy to build. Download any version of Microsoft Visual Studio 201x Express (that's the free version), load the guardian project and build it. Nothing more needed.
legendary
Activity: 1456
Merit: 1081
I may write code in exchange for bitcoins.
July 20, 2015, 01:42:39 PM
#3
If you have a compiler, why not go ahead and build from source so that you know there's not weird files being bundled with your binary.  Or, if you don't have a compiler, maybe download one (it's not too hard).

Finally, if there's no way to build from source yourself then you could at least check the binary that it was signed by the armory people's keys.  I assume there's some kind of key-signature way to download their packages (I've never used them myself), but if a bitcoin wallet didn't have some kind of key/signing on the package I'd be very surprised.
legendary
Activity: 1512
Merit: 1012
July 20, 2015, 12:42:48 PM
#2
Most probably a false positive if you're using that installation for some time without issues. Have you checked the hash of the installation file?
hero member
Activity: 714
Merit: 500
July 20, 2015, 10:40:46 AM
#1
My avira found ADWARE/Adware.Gen7 in guardian.exe of Armory.
It is an old installation, I haven't used in a while.
Has anybody heard of that. Wouldn't be the first false positive with Avira ...
Jump to: