Pages:
Author

Topic: Electrum Bitcoin Wallet is Trojan? (Read 3011 times)

legendary
Activity: 3472
Merit: 4801
October 11, 2016, 10:44:36 AM
#31
Danny Hamilton.... I hope you realize that virus total has nothing to do with it. They aren't the one scanning the file,

Nope. I had no idea.  I assumed based on the conversation in the thread that VirusTotal was an antivirus program that you and others were using. I've gone back and fixed my posts.  Thanks for explaining.

is the antivirus scanning the file.

Obviously.  I wasn't familiar with Virus Total, and the context of the discussion in the thread made it appear that it was a virus scanning program.

So when you say that Virus Total is lying well ummm you sound like a very arrogant person if you actually meant it.

Nope. I meant that the virus scanning program was lying.  I figured that was obvious from the context of my posts.  Does that mean I'm not arrogant after all?

I'm sure you've gotten that before from Family and Friends.

Nope.  But perhaps they've avoided saying anything about it to me, because they don't want to hurt my feelings?

I am a very good judge of character and you sir are not liked by many.

Thanks.  That's good to know.  Is there some way I can fix that, or am I stuck with not being liked forever?  Perhaps I'll just need to accept being liked by a few rather than many?
newbie
Activity: 9
Merit: 0
October 11, 2016, 10:17:27 AM
#30
Why isn't virus total lying about every other wallet I've tested?

I don't know.  You'll have to ask them.

Do they have something against Electrum?

Maybe.  Or maybe they just aren't very careful about their reporting

Every single other wallet has been 0/56

Every single other wallet?  How many others have you tested? perhaps the ones you tested just got lucky.



Danny Hamilton.... I hope you realize that virus total has nothing to do with it. They aren't the one scanning the file, is the antivirus scanning the file. So when you say that Virus Total is lying well ummm you sound like a very arrogant person if you actually meant it. I'm sure you've gotten that before from Family and Friends. I am a very good judge of character and you sir are not liked by many.
legendary
Activity: 3472
Merit: 4801
October 08, 2016, 04:48:01 PM
#29
Why isn't virus total lying about every other wallet I've tested?

I don't know.  They are probably being lied to by the virus scanning program. You'll have to ask them.

Do they have something against Electrum?

Maybe.  Or maybe they just aren't very careful about their reporting. More likely, the virus scanning program isn't very careful about their reporting.

Every single other wallet has been 0/56

Every single other wallet?  How many others have you tested? perhaps the ones you tested just got lucky.
legendary
Activity: 3276
Merit: 2442
October 08, 2016, 03:19:37 PM
#28
Goddammit.

I just moved from core wallet to electrum and now this pops up.

I also checked the file in virus total and got 1/56 result. It has a trojan named: trojan.win32.multiinjector.c!rfn

Fck this shit.

I can't delete it too.

Fuck.

edit: ok deleted the bastard. just keep trying.

How did you delete it? I've been trying to delete it ever since I noticed the Trojan and it says "File cant be deleted because its in USE" I checked task manager and its not there. Tried shredding it, nothing. Restarted my PC and it tells me "File is in USE" Really???



I was in the same position. I kept hitting delete button and it succeeded after a few tries. Keep trying Cheesy
legendary
Activity: 1896
Merit: 1353
October 08, 2016, 12:33:41 PM
#27
Note that Electrum binaries for Windows are not created on Windows, but on a Linux computer running Wine.
Thus, this machine cannot be infected with Windows malware.
newbie
Activity: 9
Merit: 0
October 08, 2016, 11:20:41 AM
#26
Goddammit.

I just moved from core wallet to electrum and now this pops up.

I also checked the file in virus total and got 1/56 result. It has a trojan named: trojan.win32.multiinjector.c!rfn

Fck this shit.

I can't delete it too.

Fuck.

edit: ok deleted the bastard. just keep trying.

How did you delete it? I've been trying to delete it ever since I noticed the Trojan and it says "File cant be deleted because its in USE" I checked task manager and its not there. Tried shredding it, nothing. Restarted my PC and it tells me "File is in USE" Really???

legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
October 08, 2016, 10:32:15 AM
#25
I am curious to know how you are using virustotal?
Do you download on your computer and then upload using their file tab?



Read Danny's comment in last page.

I uploaded the file. Should i worry?

No there is nothing to worry about, and as I said read This]https://bitcointalksearch.org/topic/m.16496231]This. I have also downloaded and checked it with my AV and there is nothing to worry about.

The reason I asked this is because I though there is an easier way to check it directly and not download, upload
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
October 08, 2016, 10:31:25 AM
#24
There is nothing Electrum can do.  Electrum created a good piece of software that is NOT a trojan, and virustotal has chosen to lie to you about it.  Electrum can't make virustotal stop lying.


Why isn't virus total lying about every other wallet I've tested? Do they have something against Electrum? Every single other wallet has been 0/56
A part of the Electrum code may have resembled a string from a known virus or may have behavior that they deem suspicious. It is important to note that the analyse is not done by virustotal but done by the antiviruses. Antiviruses are at times quite inaccurate. That being said, the only antivirus that detected it as a virus is Invincea and it isn't even well known.
legendary
Activity: 3276
Merit: 2442
October 08, 2016, 10:24:39 AM
#23
I am curious to know how you are using virustotal?
Do you download on your computer and then upload using their file tab?



Read Danny's comment in last page.

I uploaded the file. Should i worry?
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
October 08, 2016, 10:15:10 AM
#22
I am curious to know how you are using virustotal?
Do you download on your computer and then upload using their file tab?



Read Danny's comment in last page.
legendary
Activity: 3276
Merit: 2442
October 08, 2016, 10:11:39 AM
#21
Goddammit.

I just moved from core wallet to electrum and now this pops up.

I also checked the file in virus total and got 1/56 result. It has a trojan named: trojan.win32.multiinjector.c!rfn

Fck this shit.

I can't delete it too.

Fuck.

edit: ok deleted the bastard. just keep trying.
newbie
Activity: 9
Merit: 0
October 08, 2016, 09:54:28 AM
#20
There is nothing Electrum can do.  Electrum created a good piece of software that is NOT a trojan, and virustotal has chosen to lie to you about it.  Electrum can't make virustotal stop lying.


Why isn't virus total lying about every other wallet I've tested? Do they have something against Electrum? Every single other wallet has been 0/56
legendary
Activity: 3472
Merit: 4801
October 08, 2016, 09:39:18 AM
#19
The developer should look into this regardless. The fact is virustotal is labeling it as a Trojan.

You are mistaken.

If virustotal a virus scanning program is labeling it as a Trojan as a false positive, then the developer of virustotal the virus scanning program should look into this.

There is nothing Electrum can do.  Electrum created a good piece of software that is NOT a trojan, and virustotal the virus scanning program has chosen to lie to you about it.  Electrum can't make virustotal the virus scanning program stop lying.

If I lie to you and tell you that Windows is a trojan, does that mean that Microsoft should change their software?

I won't risk my money due to a mistake from the developers of Electrum.

You mean due to a mistake from the developers of virustotal a virus scanning program, don't you?  They are the ones that are lying

Therefore, I wont be using your application.

That's fine.  Nobody is going to force you to use good software that you don't want to use, and nobody is going to force you to stop using the software that lies to you either if you still want to use it.
newbie
Activity: 9
Merit: 0
October 08, 2016, 07:49:12 AM
#18
The developer should look into this regardless. The fact is virustotal is labeling it as a Trojan. I don't care if its a false positive or not. We are dealing with money here and I won't risk my money due to a mistake from the developers of Electrum. Therefore, I wont be using your application.
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
October 08, 2016, 07:15:10 AM
#17
Download it from their official website https://electrum.org/#download The windows version.
I download the Standalone Executable or Windows Installer. Version 2.6 and 2.7 are showing as Trojans.

I checked with my AntiVirus (Eset Smart Security with latest virus signature database 14246) there is no Trojan or any other kind of alert.

Check these and report back:
1) Make sure you have downloaded from the right source
https://electrum.org/#download
Standalone Executable: https://download.electrum.org/2.7.2/electrum-2.7.2.exe
sig: https://download.electrum.org/2.7.2/electrum-2.7.2.exe.asc

Windows Installer: https://download.electrum.org/2.7.2/electrum-2.7.2-setup.exe
sig: https://download.electrum.org/2.7.2/electrum-2.7.2-setup.exe.asc

ThomasV sig: https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6

2) Check the signatures after you finished downloading. There is helpful link in one of the above comments.

3) Make sure you did not have a Trojan already on your PC from before (like having it from a month ago but not knowing about it)

4) If and only if you did all of the above and you still had the same problem, make a proper report and wait for a developer to see this.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
October 08, 2016, 06:09:36 AM
#16
I've had a couple friends do a virus check on their own Electrum wallet and it is showing as a Trojan for them as well... Not really happy by the outcome of this.... The file should 0/56 we are dealing with money here we cant be risking false positives and Electrum should do something about it now.


Another thing. The file is impossible to delete. I've tried shredding it, deleting it, deleting it through CMD. NOTHING! Its impossible. Every time i try to delete it it tells me FILE IS IN "USE" Even after restarting my PC.


It's also odd that Electrum does not show up on Programs List and its just a exe file.



The antivirus companies have all the rights to label the software and Electrum can't really do anything about it. If the top popular antiviruses does not have anything to say about it, there isn't much to worry about.

The portable version will not be installed to the computer if that is what you mean. Go to Task manager>Processes, find the Electrum.exe and force stop it. You should be able to delete it then.
legendary
Activity: 1904
Merit: 1074
October 08, 2016, 05:59:05 AM
#15
I presume you are using Microsoft Winduhs? Boot into safe mode and then try and delete the files. I prefer to use a multi boot for the

different things I do. I like the Linux OS's like Ubuntu or even something like Tails. You have much less hassles with viruses and Malware

and you can clean boot, after every session.  Grin
newbie
Activity: 9
Merit: 0
hero member
Activity: 1442
Merit: 578
October 08, 2016, 05:13:51 AM
#12
Previously i was scanning the installation file, and it showed no infection 0/53.

Now i scanned the exe file of installed version of electrum, and i got 1/56 infections... same result as you.
In scanning datails i see that detection is from "Invincea" antivirus, updated to 20160928 which is quite old.

I checked my task manager and electrum process shows correctly (windows xp os).

I Think is a false positive too.
Pages:
Jump to: