Bitcoin Forum

Other => Beginners & Help => Topic started by: Agozyen on July 01, 2011, 01:11:42 PM



Title: Warning - GUIMiner virus hit with Bitdefender
Post by: Agozyen on July 01, 2011, 01:11:42 PM
I have had GUIMiner installed for a few weeks now and have had no problems so far.  Just a few minutes ago Bitdefender warned me of the following -

 Trojan.Generic.KD.273364 in GUIminer/miners/ufasoft/bitcoin-miner.exe


 To my knowledge Bitdefender has scanned this system several times since I installed GUIMiner and hasn't given me any hits until today.  GUIMiner is presently up and running as normal and I never went in and ran bitcoin-miner.exe.

 I don't know if this was a false positive or something to be worried about, but I wanted to pass along just in case.  Does anyone else have problems with false positives or real trojans?

 Edit - just read on another post where it's a false positive. http://forum.bitcoin.org/index.php?topic=15765.0


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: casascius on July 01, 2011, 01:17:50 PM
This is probably a consequence of botnet operators putting Bitcoin mining software on compromised computers to steal themselves a little bit of mining time.

When the owners of the hijacked computers find the compromise, they often submit the unwanted files to AV companies as samples, who add signatures to their AV software to detect the unwanted files.  This has the unfortunate side effect of having Bitcoin miners being flagged as malware.

The bitcoin miner isn't malware if you are intentionally mining.  Only if you have no idea what Bitcoin is, or what mining is, would you consider a miner to be unwanted software.


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: Bert on July 01, 2011, 01:19:15 PM
If the exe file is less than 20MB I would upload it here to test it against multiple virus scanners just to be sure
http://www.virustotal.com/

EDIT:
I downloaded the latest windows binary (http://forum.bitcoin.org/?topic=3486.0) and uploaded it.
Code:
Filename : bitcoin-miner.exe
File size: 743936 bytes
CRC-32   : 4efcecce
MD4      : 1d0a80565e94243cdac6e056e0cecf10
MD5      : 54e328364335553807a670eb3dd137b1
SHA1     : bba0fa29f13c0cc4f20a165181cfae8668c32674
SHA256   : 9bae29593488e652f08e05882c0accd8159fd77fce3209119856287fda27abb6

And only 3 out of 41 Antivirus programs pick it up, but it is flagged as goodware - Safety score: 100.0%
http://www.virustotal.com/file-scan/report.html?id=9bae29593488e652f08e05882c0accd8159fd77fce3209119856287fda27abb6-1309525830
Code:
AntiVir     7.11.10.191  2011.07.01   SPR/Tool.BitCoinMiner.a
Fortinet    4.2.257.0    2011.07.01   HackerTool/BitCoinMiner
Kaspersky   9.0.0.837    2011.07.01   not-a-virus:RiskTool.Win32.BitCoinMiner.a
So false positive, I'd be inclined to agree with casascius's assessment.

Virustotal might not have updated bitdefender yet, as it doesn't flag it:  "BitDefender   7.2   2011.07.01   -"


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: zybron on July 01, 2011, 01:24:10 PM
I use GUIMiner and my version of that file is 727Kb, in case that helps in determining if your version might be compromised. I'd definitely upload it to a virus scanner as suggested above, just to be sure.


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: lechuck on July 01, 2011, 03:06:25 PM
Some AVs are weird.. why do they categorize miners as "hackertools" or "riskyware"?


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: casascius on July 01, 2011, 03:14:34 PM
Some AVs are weird.. why do they categorize miners as "hackertools" or "riskyware"?

Risk tool generally means legitimately published software that isn't malicious but that the average computer user probably doesn't want, and that might be there for a malicious purpose if the user doesn't know about it.  Legitimate FTP servers, proxy servers, remote access software, and such fall in this category too, same with those "spy on your spouse" keylogging/screenshot grabbing sort of programs as well.  Given that definition, a bitcoin miner would definitely fit.

Other names for the same thing include PUP (potentially unwanted program).


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: Kiv on July 01, 2011, 03:51:03 PM
I would recommend that people only download GUIMiner from my forum thread or the official GitHub page. I guarantee there is nothing bad in there, I write this software only because I want to see Bitcoin succeed. There were indeed a couple reports of false positives about it, but it's nothing to worry about.

If you get the executable from somewhere else on the Internet (even if it says GUIMiner) I can't guarantee someone hasn't tampered with it. It would be trivial for someone to download a clean copy and attach their own trojan to it.
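Added example, not part of any post in this thread: a Python check that compares a local bitcoin-miner.exe with the size and SHA-256 Bert reported above, and shows why the file-size comparison zybron suggests cannot detect the tampering Kiv describes. Treating Bert's values as the trusted reference is an assumption, and the demo files are constructed stand-ins, not real miner binaries.

```python
import hashlib
import hmac
import os
import tempfile

# Values quoted from Bert's post (bitcoin-miner.exe as scanned on 2011-07-01).
# Assumption: these are the reference for the copy you intend to run.
REFERENCE_SIZE = 743936  # bytes, about 727 KB
REFERENCE_SHA256 = "9bae29593488e652f08e05882c0accd8159fd77fce3209119856287fda27abb6"


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so it is never loaded into memory whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_binary(path, ref_sha256=REFERENCE_SHA256, ref_size=REFERENCE_SIZE):
    """Return size, hash and a verdict: 'match', 'size-only-match' or 'mismatch'."""
    size = os.path.getsize(path)
    actual = sha256_file(path)
    if hmac.compare_digest(actual, ref_sha256.lower()):
        verdict = "match"
    elif size == ref_size:
        verdict = "size-only-match"  # same length, different bytes: not the same file
    else:
        verdict = "mismatch"
    return {"size": size, "sha256": actual, "verdict": verdict}


def demo():
    """Constructed files: a stand-in 'clean' copy and one with a single byte changed."""
    with tempfile.TemporaryDirectory() as tmp:
        clean = os.path.join(tmp, "clean.bin")
        patched = os.path.join(tmp, "patched.bin")
        data = bytearray(REFERENCE_SIZE)
        with open(clean, "wb") as fh:
            fh.write(data)
        data[100] ^= 0xFF  # one-byte modification, length unchanged
        with open(patched, "wb") as fh:
            fh.write(data)
        ref = sha256_file(clean)
        return (check_binary(clean, ref)["verdict"],
                check_binary(patched, ref)["verdict"])


if __name__ == "__main__":
    print(demo())
```

To check a real copy, call `check_binary` with the path to the installed bitcoin-miner.exe; anything other than `match` means the file is not the one Bert scanned, which may simply be a different release.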


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: Forp on August 07, 2011, 10:27:35 AM
@Kiv, just as information: Now it is Norton Internet Security, which also reports your 2011-07-11 version of GUIMiner, downloaded from Github.




Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: Ketzer2002 on August 07, 2011, 02:05:20 PM
Yeah,

I've seen that too for NIS on the Computer of a friend of mine. He also said this: Trojan.Generic.KD.273364 in GUIminer/miners/ufasoft/bitcoin-miner.exe
I think it would be the best to work without the ufasoft miner as long as there is no clearance about it.

@KIV maybe you can temporarily skip the ufasoft miner out of your guiminer package until the problem with the warnings is solved...

Best Regards.

Boris

http://www.bitcoin-server.de


Title: Re: Warning - GUIMiner virus hit with Bitdefender
Post by: Bitcoin_Bing on November 16, 2012, 03:56:27 AM
Avast keeps on deleting a file (trojan) which makes the miner non responsive to start. I have been mining solidly for two months without hassle. Now this (16 Nov 2012)?  >:(

Had to disable all shields for 10 minutes and reinstall guiminer. Then activated the shield again.

Update: Forgot to mention. Avast wanted to do a boot time scan after detecting the "trojan".