Bitcoin Forum
June 22, 2024, 10:50:05 PM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: ATTENTION ! Dangerous trojan on this forum from HERO member !!!  (Read 335 times)
quantumj (OP)
Jr. Member
*
Offline Offline

Activity: 56
Merit: 1


View Profile
February 10, 2020, 08:29:04 AM
Last edit: February 10, 2020, 10:19:40 AM by quantumj
 #1

TOPIC
https://bitcointalk.org/index.php?topic=5223499

ATTENTION !!!
TROJAN DETECTED!!!
IMMEDIATELY AFTER YOU RUN .EXE FILE ANOTHER FILES CREATED:
--- Backdoor.Agent.Generic (Malwarebytes report), C:\USERS\*****\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEMHOST.URL
Quote
[InternetShortcut]
C:\Users\*****\Documents\IISExpress\Bypass\Interpeter.exe
IconIndex=0
IconFile=C:/Users/*****/Documents/IISExpress/Bypass/Interpeter.exe
--- TROJAN FILE NAMED 'Interpeter.exe' CREATED HERE 'C:\Users\*****\Documents\IISExpress\Bypass\
https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detection

Quote
[02.10 00:00:30] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 open through
[02.10 00:00:35] Interpeter.exe - np.shandow.ru:443 open through
[02.10 00:00:36] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 close, 570 bytes sent, 39429 bytes (38.5 KB) received, lifetime 00:06
[02.10 00:00:39] Interpeter.exe - np.shandow.ru:443 close, 356 bytes sent, 314965 bytes (307 KB) received, lifetime 00:04
Interpeter.exe immediately establish connection with np.shandow.ru:443 and start to download malicious software.
Lafu
Legendary
*
Offline Offline

Activity: 3010
Merit: 3128



View Profile
February 10, 2020, 05:13:54 PM
 #2

You should be Moving this thread to the Mining Section so all can see it there.
And yes it dosnt looks good and have some Malware and Trojan in it .
Report the thread if you think its dangerous.

rikko72
Hero Member
*****
Offline Offline

Activity: 1022
Merit: 543



View Profile
February 11, 2020, 12:33:22 AM
 #3

TOPIC
https://bitcointalk.org/index.php?topic=5223499

ATTENTION !!!
TROJAN DETECTED!!!
IMMEDIATELY AFTER YOU RUN .EXE FILE ANOTHER FILES CREATED:
--- Backdoor.Agent.Generic (Malwarebytes report), C:\USERS\*****\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEMHOST.URL
Quote
[InternetShortcut]
C:\Users\*****\Documents\IISExpress\Bypass\Interpeter.exe
IconIndex=0
IconFile=C:/Users/*****/Documents/IISExpress/Bypass/Interpeter.exe
--- TROJAN FILE NAMED 'Interpeter.exe' CREATED HERE 'C:\Users\*****\Documents\IISExpress\Bypass\
https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detection

Quote
[02.10 00:00:30] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 open through
[02.10 00:00:35] Interpeter.exe - np.shandow.ru:443 open through
[02.10 00:00:36] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 close, 570 bytes sent, 39429 bytes (38.5 KB) received, lifetime 00:06
[02.10 00:00:39] Interpeter.exe - np.shandow.ru:443 close, 356 bytes sent, 314965 bytes (307 KB) received, lifetime 00:04
Interpeter.exe immediately establish connection with np.shandow.ru:443 and start to download malicious software.
go to the official branch and show it there. I bet you are the offended user who has already robbed
joblo
Legendary
*
Offline Offline

Activity: 1470
Merit: 1114


View Profile
February 11, 2020, 01:41:54 AM
 #4

go to the official branch and show it there. I bet you are the offended user who has already robbed

You haven't addressed the claim there either. Simple denials mean nothing.

Multiple users have reported it so it's not just one.

AKA JayDDee, cpuminer-opt developer. https://github.com/JayDDee/cpuminer-opt
https://bitcointalk.org/index.php?topic=5226770.msg53865575#msg53865575
BTC: 12tdvfF7KmAsihBXQXynT6E6th2c2pByTT,
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!