Kaspersky detects Trojan virus in Qtum Core (Windows 64-bit)



  • Installed Kaspersky Total Security today, and scan found Trojans in two Qtum EXE files:

    • Trojan.MSIL.Disfa.mlia in qtum-qt.exe (main app)
    • Trojan.Win32.Generic in qtumd.exe (daemon)

    Questions:

    • Why is this happening?
    • How do I restore my wallet?

    Thanks in advance for any insight on this!



  • Most likely it is a false positive



  • That's what I thought, too. Would be good to have reassurance from the tech team.



  • To restore the wallet, this is what you need to do:

    ADD AN EXCLUSION FOLDER FOR QTUM

    1. Open the Kaspersky main window, and click the Settings gear in the bottom left corner
    2. Select Additional on the left
    3. Click Threats and Exclusions in the main pane
    4. Under Exclusions, click Manage exclusions
    5. Click Add in the bottom right corner
    6. Click Browse and navigate to your QTUM wallet folder
    7. Click Select
    8. Click Add in the bottom right corner
    9. Click Continue in the confirmation dialog
    10. Close the Exclusions dialog

    RESTORE THE EXE FILES
    11. Go back to the main screen, and click More Tools on the bottom
    12. Click Quarantine on the left
    13. Select the two qtum EXE files (qtum-qt.exe, qtumd.exe), and click Restore on the bottom
    14. Click Restore again in the confirmation dialog

    START THE PROGRAM
    15. In Windows, delete all shortcuts to the program
    16. Go to your QTUM folder and start the main application (qtum-qt.exe). Your wallet should be running as usual.

    That should be it!





  • "This is a known issue. We've contacted Kaspersky and 2 other anti-virus vendors about this." - Earlz on GitHub


Log in to reply