|
kaicrypzen (OP)
|
 |
December 12, 2016, 03:22:48 PM
Last edit: December 12, 2016, 07:33:58 PM by kaicrypzen |
|
Hi, Having read what is written on other similar threads, I assume that the issue I am facing is a false positive. I am posting it in case there is a chance it can be something else ... So, when dowloading the blockchain for Bitcoin core 0.13.1, on Windows 10 64 bits, Avast alerts me that a virus has been found and that it will be deleting it. Here is what it logs/deletes: C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Frodo (4k, 200 years) (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Leprosy (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Syslock (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Murphy (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] AntiCad-4096 (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] BV:Akuma-A (0) I'll be configuring Avast to ignore the blocks directory in order to move on. If anyone have an(other) advice, please don't be shy  . Thank you. |
|
|
|
|
|
|
|
|
|
|
The trust scores you see are subjective; they will change depending on who you have in your trust list. |
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
shorena
Copper Member
Legendary
 Offline
Activity: 1498
Merit: 1520
No I dont escrow anymore.
|
|
December 12, 2016, 03:32:02 PM |
|
Hi, Having read what is written here and on other similar threads, I assume that the issue I am facing is also a false positive. I am posting it in case there is a chance it can be something else ... So, when dowloading the blockchain for Bitcoin core 0.13.1, on Windows 10 64 bits, Avast alerts me that a virus has been found and that it will be deleting it. Here is what it logs/deletes: C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Frodo (4k, 200 years) (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Leprosy (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Syslock (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] Murphy (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] AntiCad-4096 (0)
C:\Users\<me>\AppData\Roaming\Bitcoin\blocks\blk00129.dat [L] BV:Akuma-A (0) I'll be configuring Avast to ignore the blocks directory in order to move on. If anyone have an(other) advice, please don't be shy . Thank you. Write them a mail, at the very least they should ask and not just delete the files. |
Im not really here, its just your imagination.
|
|
|
|
kaicrypzen (OP)
|
|
December 12, 2016, 03:41:38 PM
Last edit: December 12, 2016, 07:34:20 PM by kaicrypzen |
|
Write them a mail, at the very least they should ask and not just delete the files.
I just checked, Avast is configured to repair, if it fails, it tries to move the infected file to quarantine, if it fails, it deletes it. I don't remember if this is the default setting or if it was mine . Anyway, I changed it to ask  , I think it's better than to exclude files/dirs, you never know. Thx. |
|
|
|
|
Babayega31
|
|
December 13, 2016, 08:49:41 AM |
|
Write them a mail, at the very least they should ask and not just delete the files.
I just checked, Avast is configured to repair, if it fails, it tries to move the infected file to quarantine, if it fails, it deletes it. I don't remember if this is the default setting or if it was mine . Anyway, I changed it to ask , I think it's better than to exclude files/dirs, you never know. Thx. You better change to another antivirus like eset nod32 its more accurate than avast, because avast sometimes very strict and could not identify actual virus database even if you updated it from the virus database. I can really prove it exactly because i had an experience with avast for 3 years of pc servicing, i fail from it due to viruses was stack at drive without even detected by avast and detected some false viruses which is a part of the installed games which cannot harm my computer. I think that the problem stated in the detected virus while downloading the blockchain was false detected by avast. |
|
|
|
|
kaicrypzen (OP)
|
|
December 13, 2016, 08:22:16 PM |
|
You better change to another antivirus like eset nod32 its more accurate than avast, because avast sometimes very strict and could not identify actual virus database even if you updated it from the virus database. I can really prove it exactly because i had an experience with avast for 3 years of pc servicing, i fail from it due to viruses was stack at drive without even detected by avast and detected some false viruses which is a part of the installed games which cannot harm my computer. I think that the problem stated in the detected virus while downloading the blockchain was false detected by avast.
Thx for the suggestion. Didn't know about this software, always used Avast, it's free, doesn't use a lot af resources and does the job (I think). I'll look into nod32. |
|
|
|
Decoded
Legendary
Offline
Activity: 1232
Merit: 1030
give me your cryptos
|
|
December 14, 2016, 04:08:23 AM |
|
You better change to another antivirus like eset nod32 its more accurate than avast, because avast sometimes very strict and could not identify actual virus database even if you updated it from the virus database. I can really prove it exactly because i had an experience with avast for 3 years of pc servicing, i fail from it due to viruses was stack at drive without even detected by avast and detected some false viruses which is a part of the installed games which cannot harm my computer. I think that the problem stated in the detected virus while downloading the blockchain was false detected by avast.
Thx for the suggestion. Didn't know about this software, always used Avast, it's free, doesn't use a lot af resources and does the job (I think). I'll look into nod32. I'll recommend Avira. I used to use AVG free for a while, but my computer got a virus (SearchProtect, IIRC), which was even obious to me, but didn't seem to want to be detected by AVG. I then uninstalled it and sent through a phase looking for a good AV. I went from AVG, avast, Norton malwarebytes and bitdefender, and finally Avira, which was the only one that detected it. |
looking for a signature campaign, dm me for that
|
|
|
|
kaicrypzen (OP)
|
|
December 14, 2016, 02:03:28 PM |
|
I'll recommend Avira. I used to use AVG free for a while, but my computer got a virus (SearchProtect, IIRC), which was even obious to me, but didn't seem to want to be detected by AVG. I then uninstalled it and sent through a phase looking for a good AV. I went from AVG, avast, Norton malwarebytes and bitdefender, and finally Avira, which was the only one that detected it.
Thx for the suggestion. I remember trying Avira for a limited period of time a while ago, I remember it needing more resources than Avast, but maybe it's not the case anymore. I also had Norton and AVG and these also needed more resources. If you say Avira can detect viruses that Avast won't, maybe it's worth the additional resources. Have you switched to Avira recently or was it a while ago? |
|
|
|
vapourminer
Legendary
Offline
Activity: 4326
Merit: 3523
what is this "brake pedal" you speak of?
|
|
December 17, 2016, 07:26:39 PM |
|
running avast free here. no probs, i just exclude the blockchain, wallet and miner folders.
should probably add those folders to your AV exclusion list no matter what AV you use.
|
|
|
|
|
DarkStar_
Legendary
Offline
Activity: 2758
Merit: 3282
|
|
December 18, 2016, 12:56:10 AM |
|
IIRC some blocks in the bitcoin blockchain will show up as viruses because people decided to include the code of known viruses into the signature of some transactions, which is why it's detected by Avast. They can't get triggered though, so it's safe to ignore them.
|
taking a break - expect delayed responses
|
|
|
|
kaicrypzen (OP)
|
|
December 18, 2016, 10:14:10 AM |
|
IIRC some blocks in the bitcoin blockchain will show up as viruses because people decided to include the code of known viruses into the signature of some transactions
Just for fun ? (Or could it have any consequences?) should probably add those folders to your AV exclusion list no matter what AV you use.
which is why it's detected by Avast. They can't get triggered though, so it's safe to ignore them.
Yep, I'll be ignoring them from now on. Thx for the replies. |
|
|
|
|
sxafir
|
|
December 23, 2016, 09:32:29 PM |
|
Two years ago download all blockhain with no virus.Eset not 32 or Norton.
|
|
|
|
|
UGMZ
Newbie
Offline
Activity: 14
Merit: 0
|
|
December 24, 2016, 12:08:16 AM |
|
To be honest most AV these days is typical spyware. You name one AV that dose not have popups, Scan your traffic, Send epic amounts of "private" data back to the company.. let alone countless false positives they throw up.
In todays world of the Internet criminals know how to bypass any AV. yes they do stop the skids with there silly rat's but the serious cybercrims out there know how to FUD (fully un detectable) there virus's.
Your better off without AV and stay away from sketchy websites (Porn, Warze, p2p, Streams) keep your system up to date with latest security patches and use a good firewall! even buy a hardware firewall!
|
|
|
|
|
Decoded
Legendary
Offline
Activity: 1232
Merit: 1030
give me your cryptos
|
|
December 24, 2016, 03:13:17 AM |
|
To be honest most AV these days is typical spyware. You name one AV that dose not have popups, Scan your traffic, Send epic amounts of "private" data back to the company.. let alone countless false positives they throw up.
In todays world of the Internet criminals know how to bypass any AV. yes they do stop the skids with there silly rat's but the serious cybercrims out there know how to FUD (fully un detectable) there virus's.
Your better off without AV and stay away from sketchy websites (Porn, Warze, p2p, Streams) keep your system up to date with latest security patches and use a good firewall! even buy a hardware firewall!
It depends on your view of them, I guess. I go for trustable companies only. 1. Popups are good for alerting your for threats. Sometimes "free" versions advertise the paid versions through popups. That's why I use a program that's 100% free, or use the paid version. 2. They scan your traffic for any incoming or outgoing packets that could be malicious or sending your private information to a malicious host. 3. The data you're sending to them is usually samples of files the antivirus isn't sure about, or that the antivirus sees as a virus. 4. Your AV can't be perfect. New viruses are being developed all the time, and some newer AVs are using server-side AI. |
looking for a signature campaign, dm me for that
|
|
|
philipma1957
Legendary
 Online
Activity: 4116
Merit: 7858
'The right to privacy matters'
|
|
December 24, 2016, 04:58:17 AM |
|
Your download of the blockchain should be on a dedicated pc.
So you don't need a virus program.
|
|
|
|
UGMZ
Newbie
Offline
Activity: 14
Merit: 0
|
|
December 24, 2016, 11:18:34 AM |
|
[/quote] It depends on your view of them, I guess. I go for trustable companies only. 1. Popups are good for alerting your for threats. Sometimes "free" versions advertise the paid versions through popups. That's why I use a program that's 100% free, or use the paid version. 2. They scan your traffic for any incoming or outgoing packets that could be malicious or sending your private information to a malicious host. 3. The data you're sending to them is usually samples of files the antivirus isn't sure about, or that the antivirus sees as a virus. 4. Your AV can't be perfect. New viruses are being developed all the time, and some newer AVs are using server-side AI. [/quote] In todays world how do you define a "trusted" company.. To be very honest I have tested the top 10 AV companies via wireshark and DPI you would be surprised that all the traffic you send and receive is being analyzed and in todays "surveillance" world thats a very bad thing. Yes I agree that scanning packets for "malicious" material is a good thing, But do you really know what the AV's are doing with this information they gather? Do you know for sure they don't pat old uncle sam on the back and hand it all over... My guess is they do.. AV is on almost every system in some form or another what better way to "collect it all" piggybacking off the AV's networks. I direct you to this post http://uk.pcmag.com/opinion/10154/symantec-says-antivirus-is-dead-world-rolls-eyesThanks UMHZ |
|
|
|
|
|
kaicrypzen (OP)
|
|
December 24, 2016, 01:22:41 PM |
|
Your better off without AV and stay away from sketchy websites (Porn, Warze, p2p, Streams) keep your system up to date with latest security patches and use a good firewall! even buy a hardware firewall!
I actually never considered having a Windows PC without an Antivirus, I would feel my PC is less secure, I'm not yet ready for that ... Any advice on an AV that is more privacy-friendly? On a hardware firewall? Thx. Your download of the blockchain should be on a dedicated pc.
So you don't need a virus program.
Thx for the suggestion, thinking that my PC was quite secure, I didn't really consider that option ... Yet you have a point, a day-to-day PC might not be suited for storing bitcoins no matter how secure (I think) it is ... |
|
|
|
UGMZ
Newbie
Offline
Activity: 14
Merit: 0
|
|
December 24, 2016, 01:58:07 PM |
|
I wouldn't trust many AV's to be honest. Yes I agree scanning files is a must if you are a downloaded but having it constantly sniffing your webtrafic I would say is spying. as you never know where your data will end up. Privicy friendly av is a tough one. as many of them hide there activitys in there EPIC terms and conditions. I would recomend using a good online scanner for checking downloads and files before using them something like virus total would do. Just to prove what I mean here is the terms of avast! https://www.avast.com/privacy-policySee this passage V. Storage, Retention, and Deletion of Personal Information Storage of information. Information that we collect is stored on our servers or on the servers of our subsidiaries, affiliates, contractors, representatives, contractors, agents, or resellers who are working on our behalf. Personally identifiable information on our servers is only accessible from our physical premises, or via an encrypted virtual private network (VPN). Access is limited to authorized personnel only, and company networks are password protected, and subject to additional policies and procedures for security. Data collected by Avast BackUp is transmitted in encrypted format using SSL technology, and stored under minimum 256-bit key encryption. Information collected by Avast CreditAlert is transmitted using SSL technology, and very private information such as financial data is stored under rotating 256-bit key encryption. Data transmitted using Avast SecureLine VPN service is also encrypted. In all cases data is transmitted to and from our servers using https protocol. In some cases this information may be transmitted to or stored within the European Union (“EU”), and in other cases the information may be transmitted to or stored at a location outside the territory of EU member states, such as the United States or other non-EU locations. If you read ALL there terms (3659 pages) it makes clear that there partners include the federal government All AV's are the same and have the same sort of rules.. My advice.. Remove AV and stay away from the underground of the internet! |
|
|
|
|
thejaytiesto
Legendary
Offline
Activity: 1358
Merit: 1014
|
|
December 26, 2016, 04:10:54 PM |
|
I wouldn't trust many AV's to be honest. Yes I agree scanning files is a must if you are a downloaded but having it constantly sniffing your webtrafic I would say is spying. as you never know where your data will end up. Privicy friendly av is a tough one. as many of them hide there activitys in there EPIC terms and conditions. I would recomend using a good online scanner for checking downloads and files before using them something like virus total would do. Just to prove what I mean here is the terms of avast! https://www.avast.com/privacy-policySee this passage V. Storage, Retention, and Deletion of Personal Information Storage of information. Information that we collect is stored on our servers or on the servers of our subsidiaries, affiliates, contractors, representatives, contractors, agents, or resellers who are working on our behalf. Personally identifiable information on our servers is only accessible from our physical premises, or via an encrypted virtual private network (VPN). Access is limited to authorized personnel only, and company networks are password protected, and subject to additional policies and procedures for security. Data collected by Avast BackUp is transmitted in encrypted format using SSL technology, and stored under minimum 256-bit key encryption. Information collected by Avast CreditAlert is transmitted using SSL technology, and very private information such as financial data is stored under rotating 256-bit key encryption. Data transmitted using Avast SecureLine VPN service is also encrypted. In all cases data is transmitted to and from our servers using https protocol. In some cases this information may be transmitted to or stored within the European Union (“EU”), and in other cases the information may be transmitted to or stored at a location outside the territory of EU member states, such as the United States or other non-EU locations. If you read ALL there terms (3659 pages) it makes clear that there partners include the federal government All AV's are the same and have the same sort of rules.. My advice.. Remove AV and stay away from the underground of the internet! I don't think it's a safe practice at all to remove the av's and firewalls etc. It may end up being worse, because you may get infected by some attacker and get stolen your credit card and banking information, personal information and crypto, you could get deployed ramsomware... endless attacks. That vs inevitably being exposed to government seems better. They store too much data anyway, nobody will care about you. In any case if you want true privacy the only way is to use a Linux OS and Tor/VPN. |
|
|
|
|
|
kaicrypzen (OP)
|
|
December 29, 2016, 09:58:36 PM |
|
I would recomend using a good online scanner for checking downloads and files before using them something like virus total would do.
Will surely try to do that in the future. My advice.. Remove AV and stay away from the underground of the internet!
I can't bring myself to run Windows without an AV , do you have a Windows on which you don't have an AV? On a Linux, there's no need for that, I'll probably switch to full Linux very soon. I don't think it's a safe practice at all to remove the av's and firewalls etc. It may end up being worse, because you may get infected by some attacker and get stolen your credit card and banking information, personal information and crypto, you could get deployed ramsomware... endless attacks. That vs inevitably being exposed to government seems better. They store too much data anyway, nobody will care about you.
These attacks can be dealt with by adopting some best practices, like not using IE , not opening suspicious emails, checking websites security certificates etc. My AV rarely alerts me, actually it started alerting me the most when I started using crypto . Generally false positives ... They store too much data anyway, nobody will care about you.
I think I agree on this part, yet, for me, it's quite troubling to know that my data is out there for some people to use ... (even if they might never use it). In any case if you want true privacy the only way is to use a Linux OS and Tor/VPN.
Yep, that's the way to go. |
|
|
|
vapourminer
Legendary
Offline
Activity: 4326
Merit: 3523
what is this "brake pedal" you speak of?
|
|
December 30, 2016, 01:54:37 AM |
|
On a Linux, there's no need for that, I'll probably switch to full Linux very soon. [no av needed or virii (<-is that a word?) for linux] *cough* bullshit*cough* |
|
|
|
|
philipma1957
Legendary
Online
Activity: 4116
Merit: 7858
'The right to privacy matters'
|
|
December 30, 2016, 05:05:21 AM |
|
On a Linux, there's no need for that, I'll probably switch to full Linux very soon. [no av needed or virii (<-is that a word?) for linux] *cough* bullshit*cough* Any Pc can be compromised. I don't use virus on any of my pcs but I have 12 dedicated miners Three Mac minis Two tablets A laptop. Three mini pcs Almost all online is done with the macs. There harder to infect but they have three cloned backups per each mac. And three time machines And two in house nas for backup. It is an alternative to virus programs. I also,know what not,to click and what to,click. Still can't be perfectly safe. |
|
|
|
|
kaicrypzen (OP)
|
|
December 30, 2016, 08:10:44 AM |
|
On a Linux, there's no need for that, I'll probably switch to full Linux very soon. [no av needed or virii (<-is that a word?) for linux] *cough* bullshit*cough* Any Pc can be compromised. Yes of course, the meaning was that Linux PCs (for home usage) seem to be less targeted by infections, or is this not the case? vapourminer, you should go see a doctor so that your cough doesn't get worse and ask them on how you could actually write sentences to express your point of view, you seem to have trouble with that too ... |
|
|
|
|
BigBoom3599
|
|
December 30, 2016, 01:44:15 PM |
|
On a Linux, there's no need for that, I'll probably switch to full Linux very soon. [no av needed or virii (<-is that a word?) for linux] *cough* bullshit*cough* Any Pc can be compromised. Yes of course, the meaning was that Linux PCs (for home usage) seem to be less targeted by infections, or is this not the case? Indeed, there are way more (home) pc's running Windows than Linux and the people using Windows are generally less tech-savvy so it'd be easy to make them click on something. Of course that doesn't protect you from someone specifically targeting you. |
|
|
|
|
vapourminer
Legendary
Offline
Activity: 4326
Merit: 3523
what is this "brake pedal" you speak of?
|
|
December 30, 2016, 03:45:19 PM |
|
On a Linux, there's no need for that, I'll probably switch to full Linux very soon. [no av needed or virii (<-is that a word?) for linux] *cough* bullshit*cough* Any Pc can be compromised. Yes of course, the meaning was that Linux PCs (for home usage) seem to be less targeted by infections, or is this not the case? vapourminer, you should go see a doctor so that your cough doesn't get worse and ask them on how you could actually write sentences to express your point of view, you seem to have trouble with that too ... lol i work for MDs. ENTs to be more precise. point taken however i do tend to post in a hurry.. |
|
|
|
|
|
duyduc256
|
|
December 30, 2016, 04:05:19 PM |
|
On a Linux, there's no need for that, I'll probably switch to full Linux very soon. [no av needed or virii (<-is that a word?) for linux] *cough* bullshit*cough* I still don't understand why Linux users think that operating system is safer than Windows !? |
|
|
|
|
UGMZ
Newbie
Offline
Activity: 14
Merit: 0
|
|
December 30, 2016, 04:11:10 PM |
|
I disagree. Linux and Mac can be popped just as easy as a windows machine.. You just need to look at Exploit DB to see the "massive" list of vuls for each system. https://www.exploit-db.com/shellcode/?order_by=title&order=asc&p=Lin_x86I am a Linux user and as long as your know how to use your IP tables and make sure there is nothing running that could expose the system then Its quiet save. Only issue these days is exploit kits.. and iffy social media links. One click on a exploit pack link without fully patches system or worse running flash! (not recommended) and it could be good bye system! Av might protect you from the skids out there with there daft remote admint tools, But the real cybercrims will have your system and anything on it without so much as a popup from you AV.. |
|
|
|
|
|
kaicrypzen (OP)
|
|
December 30, 2016, 04:45:25 PM |
|
lol i work for MDs. ENTs to be more precise. point taken however i do tend to post in a hurry.. Genuinely glad it made you laugh . I still don't understand why Linux users think that operating system is safer than Windows !?
I (don't know about the others) don't think that it's safer, I think that home Linux PCs (not talking about (companies) big servers) are way less targeted because Windows is more widely adopted. I may have used the wrong wording to convey what I meant. Moreover, for me, it's easier to monitor what's going on on a Linux than on a Windows. Nice list, will keep an eye on it . I am a Linux user and as long as your know how to use your IP tables and make sure there is nothing running that could expose the system then Its quiet save. Only issue these days is exploit kits.. and iffy social media links. One click on a exploit pack link without fully patches system or worse running flash! (not recommended) and it could be good bye system!
I do use Linux too and as you say, as long as you adopt some practices, risks are minimized ... Of course that doesn't protect you from someone specifically targeting you.
Av might protect you from the skids out there with there daft remote admint tools, But the real cybercrims will have your system and anything on it without so much as a popup from you AV..
I agree, let's hope no real cybercrim is targeting me specifically . |
|
|
|
UGMZ
Newbie
Offline
Activity: 14
Merit: 0
|
|
December 30, 2016, 05:00:32 PM |
|
always good to run a Nmap scan on your local host see whats running (check versions) See if there are any exploits doing the rounds out there.
Linux can be quite daunting to new users thats why not many people take it up as there regular OS.
But I would have to say it offers many advantages over the usual windows platform, Since windows 10 is a absolute disgrace.
|
|
|
|
|
|
