Title: WARNING: BTCStats-QT.exe installs a keylogger/backdoor Post by: yenom on March 03, 2014, 09:04:06 AM I feel like such an idiot. Anyway, the above program has been promoted in bitcoin chat rooms/channels and some websites. If you downloaded it assume you have a remote backdoor and keylogger on your system. Remove it with Anti-Malware program.
On windows 7 it creates many msdcsc.exe processes and is difficult to remove. They don't appear for a few days to stop arousing suspicion, and only appear after you have done a reboot. A full virus scan, anti-malware scan is recommended. I haven't lost any bitcoin because my private keys are on an offline linux machine, but I'm going to change all my bitcoin related passwords and reinstall my system. PITA. Did I mention I feel like an idiot? I'm usually very careful with these kinds of things. Title: Re: WARNING: BTCStats-QT.exe installs a keylogger/backdoor Post by: dlevine01 on March 03, 2014, 09:21:14 AM Yikes! Thanks for the warning! I'm glad I caught your post in time. :D Much appreciated!
Title: Re: WARNING: BTCStats-QT.exe installs a keylogger/backdoor Post by: IamCANADIAN013 on March 03, 2014, 09:28:21 AM I feel like such an idiot. Anyway, the above program has been promoted in bitcoin chat rooms/channels and some websites. If you downloaded it assume you have a remote backdoor and keylogger on your system. Remove it with Anti-Malware program. On windows 7 it creates many msdcsc.exe processes and is difficult to remove. They don't appear for a few days to stop arousing suspicion, and only appear after you have done a reboot. A full virus scan, anti-malware scan is recommended. I haven't lost any bitcoin because my private keys are on an offline linux machine, but I'm going to change all my bitcoin related passwords and reinstall my system. PITA. Did I mention I feel like an idiot? I'm usually very careful with these kinds of things. I wouldn't feel like too much on an idiot, especially if you didn't lose anything. I'm insanely careful myself with stuff like that, but it's almost impossible to keep guard up 24/7. I try to do a Google search of pretty much anything I download, but even the other day I slipped up and ended up with a virus. It can happen to the best of us. Thanks for the heads up though! Title: Re: WARNING: BTCStats-QT.exe installs a keylogger/backdoor Post by: yenom on March 03, 2014, 09:52:02 AM Just one slip-up can be costly. I remember when I downloaded it, my gut-feel was 'this could be a virus', so I scanned the file with avast anti-virus and it came up clean. Malwarebytes Anti-malware found it and cleaned it, but when I rebooted, it appeared again as an msdcsc.exe process. Evil!
Currently doing a full system scan with four different anti-malware and anti-virus scanners, and have disconnected that machine from the network. I hope this thread saves someone from losing their coins. Title: Re: WARNING: BTCStats-QT.exe installs a keylogger/backdoor Post by: yenom on March 03, 2014, 11:11:53 AM This page was the best help. None of the malware removal programs I tried could remove it. But doing it manually this way did:
http://www.enigmasoftware.com/msdcscexe-removal/ Title: Re: WARNING: BTCStats-QT.exe installs a keylogger/backdoor Post by: substratum on March 03, 2014, 01:52:40 PM I feel like such an idiot. Anyway, the above program has been promoted in bitcoin chat rooms/channels and some websites. If you downloaded it assume you have a remote backdoor and keylogger on your system. Remove it with Anti-Malware program. Where was the original file downloaded from? I'd like to analyze it. |