Hello,
I'm new to using Gminer. I used the DL link from Github directly from this forum. I successfully ran the program on 2 rigs starting about 4 days ago. When I went to get it again for my main rig it came up with a warning Trojan:Win32/TrickBot!ml and the infected file was the miner.exe. Is this normal? It didn't pop up on the other 2 downloads from a couple days ago. Just wondering what I should do? Thanks!
If you downloaded it from GMiner's link on the first page you are fine. It happens quite often that antivirus programs give trojan/virus alarms with mining software, but you should always take care where you download your miner from. In other words always download from the link provided by the miner on the first page.
We are not all idiots and we know where to download the right gminer software. So let's stop redirecting people to the right place for downloading. Let's focus on the main question:
Version 2.70 doesn't show viruses but all after that are marked as malware? Why?
Could you share with us which piece of code is the difference between the versions and is the reason it is detected as a virus?
I can't confirm this.
Virustotal says:
2.74 = 17 security vendors flagged this file as malicious
2.70 = 24 security vendors flagged this file as malicious
2.66 = 24 security vendors flagged this file as malicious
So it is normal, I think.
Results for the lolminer 1.38 for example show me 29 security vendors and 1 sandbox flagged this file as malicious.
What is the software used for your tests?? I was talking about checking the gminer with Virustotal - check that 2.70 doesn't show viruses but 2.74 shows - this is on Virustotal - that's why I was asked to show the code that makes this difference between 2 versions
You read my post? I checked it with Virustotal. All versions are flagged as malicious. You can test every miner and you will get a malicious flag.
Phoenixminer is flagged by 43 security vendors XD
Gminer 2.70 results
Here is my result! The difference is because you are using the Windows version of gminer - I use the Linux one! In Linux there is a difference between version 2.74 and 2.70 (the first one is flagged as a virus, 2.70 is clean - check the link). The last Phoenixminer version under Linux also doesn't show viruses! I don't care about Windows (the empire of evil), it is viruses by default.
Gminer 2.70 results
The point is, the malicious detection can change with every version, because of new code inside. T-Rex miner Linux version also shows malicious.
You must see the overall point, and not start Linux and Windows bashing; it is senseless.
Why should they do other stuff in the Linux version than in the Windows version? But you say you don't care about the Windows version, so you don't care about anyone - Selfish?
Virustotal cannot scan the Linux miner file completely, by the way
only 56 of 65 security vendors
I don't care about Linux, but I am here to discuss it. If you have problems with the malicious detection, use another miner or go back to 2.70.
Don't spread FUD, this will help no one.
I just took a quick look at it, it does look suspicious.
It uses anti-debugging techniques and parts of the binary are packed.
Just like it's trying to hide something... Question is why, it's open source so why try to evade debuggers and pack the binary?
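A claim that "parts of the binary are packed" can be checked by measuring byte entropy per window of the file. The following is an added example, not code from this thread or from the GMiner project; the sample bytes are constructed, and the 4096-byte window and 7.2 bits/byte threshold are assumed values. High entropy only indicates compressed or encrypted data, which is also why packed files tend to attract heuristic antivirus flags.

```python
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 = constant, 8.0 = uniform random)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def high_entropy_regions(blob: bytes, window: int = 4096, threshold: float = 7.2):
    """Return merged (start, end, peak_entropy) ranges whose windows reach threshold."""
    regions = []
    for off in range(0, len(blob), window):
        chunk = blob[off:off + window]
        if len(chunk) < window // 4:  # trailing fragment too small to measure reliably
            continue
        h = shannon_entropy(chunk)
        if h < threshold:
            continue
        if regions and regions[-1][1] == off:  # adjacent to previous hit: merge
            start, _, peak = regions[-1]
            regions[-1] = (start, off + len(chunk), max(peak, h))
        else:
            regions.append((off, off + len(chunk), h))
    return regions


def build_sample() -> bytes:
    """Constructed stand-in for a binary: code-like bytes, a packed-like blob, strings."""
    rng = random.Random(1234)
    code_like = bytes(rng.choice(b"\x00\x48\x89\x8b\xe8\xc3\x55\x5d") for _ in range(8192))
    packed_like = bytes(rng.getrandbits(8) for _ in range(8192))
    strings = b"GPU0: temperature ok\n" * 200
    return code_like + packed_like + strings


if __name__ == "__main__":
    # To inspect a real download, replace build_sample() with open(path, "rb").read().
    for start, end, peak in high_entropy_regions(build_sample()):
        print(f"0x{start:08x}-0x{end:08x}  peak entropy {peak:.2f} bits/byte")
```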