The core wallets of Dash-Bitcoin-Litecoin and the Electrum wallet are reported by microsoft windows antivirus as Trojans/Viruses!

Shall DCG be forced to fix Dashcore wallet so that it will not appear as Trojan in windows defender?

  • no

    Votes: 0 0.0%
  • other

    Votes: 0 0.0%

  • Total voters
    2

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Last edited:

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
Hi demo!

Before we discuss "forcing" anyone to do anything let's verify your claim. You have not shared sufficient details to do this, so let's vote on forcing disclosure of your methods first ;) Can you please share the following:
  1. Version of Windows and Windows Defender
  2. Version of Dash being flagged by Windows Defender
  3. The specific file it is flagging
The current version of Dash does not trigger any warnings, and the current and upcoming versions of Dash do not trigger any warnings in 83 different antivirus tools on Virus Total. See Dash 0.16.1.1 results and Dash 0.17.0.0-rc3 results. Is it possible you have another app installed that is showing positive? I note this trojan frequently shows up as a false positive for game emulators, particularly Diabo 2 (great game btw)
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Hi demo!

Before we discuss "forcing" anyone to do anything let's verify your claim. You have not shared sufficient details to do this, so let's vote on forcing disclosure of your methods first ;) Can you please share the following:
  1. Version of Windows and Windows Defender
  2. Version of Dash being flagged by Windows Defender
  3. The specific file it is flagging
The current version of Dash does not trigger any warnings, and the current and upcoming versions of Dash do not trigger any warnings in 83 different antivirus tools on Virus Total. See Dash 0.16.1.1 results and Dash 0.17.0.0-rc3 results. Is it possible you have another app installed that is showing positive? I note this trojan frequently shows up as a false positive for game emulators, particularly Diabo 2 (great game btw)

I am talking about win10 and the latest version of windows defender.
 

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
Please answer questions 2 and 3 as well. I cannot reproduce this with Dash 0.16.1.1 or 0.17.0.0. I suspect you have a virus from another source.
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Please answer questions 2 and 3 as well. I cannot reproduce this with Dash 0.16.1.1 or 0.17.0.0. I suspect you have a virus from another source.
I am taking about the latest core wallet that appers in dash.org.

Just download the zipped version of dash core wallet, and without installing it, just scan the zip file by using windows built in antivirus (windows defender), in a fully updated win10 system.
 
Last edited:

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
Still cannot reproduce. Scanned both zip file and installer on fully updated Windows 10, see below for result:

1615925863924.png
 

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
I agree, this is not the same trojan you initially claimed. The Windows installer for Dash does not contain mining code specifically to avoid triggering malware scanners, but the zip file distribution does contain this code. This positive match is therefore expected - Dash binaries contain mining code, because Dash is a Proof of Work cryptocurrency and mining is a necessary function of the network. Please contact Microsoft if you disagree that mining software should be flagged as malware.
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
I agree, this is not the same trojan you initially claimed. The Windows installer for Dash does not contain mining code specifically to avoid triggering malware scanners, but the zip file distribution does contain this code. This positive match is therefore expected - Dash binaries contain mining code, because Dash is a Proof of Work cryptocurrency and mining is a necessary function of the network. Please contact Microsoft if you disagree that mining software should be flagged as malware.

I did received a
Trojan:/Woreflint.Z!cl
warning too. I will try to reproduce the warning.

I think Dash should fix the bug in order to comply to Microsoft reports.
Similar alerts appear also for electrum wallet, litecoin or bitcoin core wallets.
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
I did received a
Trojan:/Woreflint.Z!cl
warning too. I will try to reproduce the warning.

I think Dash should fix the bug in order to comply to Microsoft reports.
Similar alerts appear also for electrum wallet, litecoin or bitcoin core wallets.

Here you are. I a troyan report now!

dash virus 3.jpg
 

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
Can you extract the zip file and scan again, then let me know which specific file is generating it? I still cannot reproduce this.

I already described how mining code is removed from installer binaries to avoid triggering malware scanners. If we remove it from the zip file as well, then Windows users can no longer mine Dash (on any network, including e.g. testnet or devnets). We will not change the Dash consensus algorithm away from PoW to avoid triggering a false positive experienced by a single user on a single platform using a non-recommended installation method.
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Can you extract the zip file and scan again, then let me know which specific file is generating it? I still cannot reproduce this.

I already described how mining code is removed from installer binaries to avoid triggering malware scanners. If we remove it from the zip file as well, then Windows users can no longer mine Dash (on any network, including e.g. testnet or devnets). We will not change the Dash consensus algorithm away from PoW to avoid triggering a false positive experienced by a single user on a single platform using a non-recommended installation method.

And what about the windows installer? Is this non recommended too?

See attached image

.dash virus 4.jpg
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
@strophy It is obviously a false alarm, but this does not mean that the Dash core team should not fix it!

Cryptos should comply with microsoft antivirus, not microsoft antivirus with cryptos.
 

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
Tomorrow maybe. I have already rebooted out of Windows to do some other work. However, I note that all of these links generate positives on Virus Total.

Why should DCG fix false positives in Litecoin and Bitcoin? And why should crypto comply with Microsoft scanners, what authority do they have? Did we vote to do this?
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Tomorrow maybe. I have already rebooted out of Windows to do some other work. However, I note that all of these links generate positives on Virus Total.
Ok! thats good news for me!!! I am not the only one who receives positives!!!
Agents are not nearby!

:cool::p
 
  • Like
Reactions: strophy

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Why should DCG fix false positives in Litecoin and Bitcoin? And why should crypto comply with Microsoft scanners, what authority do they have? Did we vote to do this?
Positives appear for Dash too.....Dash is a fork of bitcoin and litecoin.

Dash should comply to microsoft scanners, in order for new users not to be afraid to install dash software.
 

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
786
496
133
New users use the installer to install Dash. You have not shown any evidence that the installer triggers the scanner. Can you do this please?

Do you still suggest removing mining code from the zip distribution? Why?
 

Geert

Member
Aug 26, 2015
259
83
88
Clean My Mac X did recently flag Dash QT as a "coin miner" so maybe it's been added to some kind of database.
 

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
New users use the installer to install Dash. You have not shown any evidence that the installer triggers the scanner. Can you do this please?

Do you still suggest removing mining code from the zip distribution? Why?

DCG should try to fix the problem (by adding junk code into the items that are flagged as virus).

Then the Dash media team should advertise Dash as the only coin that succesfully pass the Microsoft Antivirus.
 
Last edited:

alicecarter95

New Member
Mar 19, 2021
2
0
1
27
eduhelphub.com
I have also found this issue in other forums as well. these false positives are really annoying. sometimes it makes me feel like these are conspiracies by bigger companies. :confused: or may be i am just paranoid. anyway, i really hope that this is fixed as soon as possible, because a lot of people are being mislead by this.
 

qwizzie

Well-known Member
Aug 6, 2014
1,837
998
183
Here is a simple solution : stop relying on the free Windows Defender and buy and use a good anti-virus program.
Problem solved and your pc is better protected.

Anyone active in crypto should not rely solely on Windows Defender for protection.
They should go the extra mile and get some proper anti-virus & malware protection.

Anyways, this thread topic has changed from Windows Defender supposedly detecting a trojan virus to Windows Defender classifying legit software as a PUA (potentially unwanted application). In this specific case it classifies something in the Dash Dash Core wallet ZIP file as a PUA - CoinMiner (which is normal in this case).

I suspect the scanning for PUA's can be disabled from within Microsoft Defender, or the zip file itself can be whitelisted.
It is up to users how they want to deal with PUA's.

And no, a PUA is not a virus.

Here is a doc about it : https://docs.microsoft.com/en-us/wi...ly-unwanted-apps-microsoft-defender-antivirus

Excluding files
Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be added to an exclusion list.

With regards to the found 'trojan:win32/woreflint.a!cl' : most likely unrelated to the Dash Core Wallet ZIP file and an urgent reason to get a good anti-virus program and do a full system scan.

Doc about this virus : https://www.microsoft.com/en-us/wds...-description?Name=Trojan:Win32/Woreflint.A!cl

Instead of doing a quickscan you should just have Windows Defender scan the Dash Core wallet ZIP file, if it only finds the PUA CoinMiner, then that means you got the trojan through something else (maybe you downloaded a game or something and it was attached there).
If you are not getting a good anti virus program, at least do a full system scan with Windows Defender & download and use the free Malwarebytes for Windows edition. Make sure it scans for rootkits as well.
 
Last edited:

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
@qwizzie

The problem is not microsoft antivirus and whether we should use it or not. The problem is that whoever microsoft and cryptonoobie user enters the cryptospace nowdays and tries to install the Dash wallet is being warned by microsoft that this is a PUA CoinMiner virus!!! This is VERY important because, due to the recent bull market , thousands of new users are arriving in cryptospace, and most of them are microsoft users. The DCG should take care of this ASAP. DCG should add junk code into the Dash core wallet in order to escape from the false report of the microsoft antivirus.

Secondly, I have to admit that I was scanning at the same time both Dash, and Bitcoin, and Litecoin, and Electrum portable wallet, so maybe the false report about the troyan was not because of Dash, but because of one of the other 3 wallets. Which makes me think that, in case of course we consider that this is a conspiracy, it should be a consipary of new cryptocurrencies with the help of microsoft against old cryptocurrencies.

Try it by yourself. Do a microsoft defender scan in Bitcoin core wallet, and Litecoin core wallet, and in Electrum portable wallet and you will get the trojan warning.
 
Last edited:

qwizzie

Well-known Member
Aug 6, 2014
1,837
998
183
@qwizzie

The problem is not microsoft antivirus and whether we should use it or not. The problem is that whoever microsoft and cryptonoobie user enters the cryptospace nowdays and tries to install the Dash wallet is being warned by microsoft that this is a PUA CoinMiner virus!!!
Incorrect. Microsoft does not warn that PUA CoinMiner is a virus. PUA's (Potentially Unwanted Applications) are not a virus !!
And Microsoft gives PUA CoinMiner even a 'Low' risk score according your own image :



PUA warnings is simply something that Windows users that deal with crypto wallets should get familiar with and should be looked at case by case.
Personally i would be more worried about the found trojan alerts on your system and focus on that more. Those are far more dangerous (which is why Microsoft classify them as 'Severe').
 
Last edited:

vazaki3

Active Member
Jul 1, 2019
502
194
113
33
apogee.dynu.net
Dash Address
XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
Incorrect. Microsoft does not warn that PUA CoinMiner is a virus. PUA's (Potentially Unwanted Applications) are not a virus !!
And Microsoft gives PUA CoinMiner even a 'Low' risk score according your own image :

ARE YOU LISTENING TO ME???? THE CRYPTO NOOBIES DO NOT KNOW WHAT A PUA IS!!! THEY JUST SEE THE WARNING, AND THEY REJECT THE DASH SOFTWARE!!!!!

PUA warnings is simply something that Windows users that deal with crypto wallets should get familiar with and should be looked at case by case.
Personally i would be more worried about the found trojan alerts on your system and focus on that more. Those are far more dangerous (which is why Microsoft classify them as 'Severe').
Are you listening, or just write whatever, in order to support the pathetic DCG?
I told you, this is NOT the report of my system. This is the report when I checked for viruses (by using microsoft antivirus) the dash core wallet, the bitcoin core wallet, the litecoin core wallet, and the electrum portable wallet.
Do it by yourself and confirm or reject my claims!!!