nvmind (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
June 28, 2011, 01:02:48 AM |
|
Why is AVG antivirus claiming bitcoin is malware and deleting from my pc?
|
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
June 28, 2011, 01:03:52 AM |
|
The installer? The client? Which version? And what code is it giving you?
|
I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
nvmind (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
June 28, 2011, 01:52:52 AM |
|
The installer? The client? Which version? And what code is it giving you?
The client. It seems to be an evolving problem. I first had it happen with 0.032.21 win 32 as soon as I installed it. Since I did not pay much attetnion to where I got it from I deleted it. I then checked that installs were from sourceforge and installed 0.3.22 and had it happen again then I tried 0.3.23rc1 which I had been using upto today. Then I suddenly had it removed by AVG again. I have now tried 0.3.23 win 32 and as yet have had no problem but I suspect I will. http://dktec.biz/files/bitcoinAVG.jpghttp://dktec.biz/files/bitcoinAVG2.jpg
|
|
|
|
lateminer
Newbie
Offline
Activity: 22
Merit: 0
|
|
June 28, 2011, 05:24:00 AM |
|
AVG also detects your cracks and keygens for your pirated software, whats new?
|
|
|
|
Oldminer
Legendary
Offline
Activity: 1022
Merit: 1001
|
|
June 28, 2011, 05:32:02 AM |
|
Use Avira
|
|
|
|
striker11111111
Newbie
Offline
Activity: 11
Merit: 0
|
|
June 28, 2011, 06:19:29 AM |
|
just AVG being aggressive. Protection and convenience are 2 ends of the same teeter totter when it comes to computer safety. You give up one to get the other, inverse correlation.
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
June 28, 2011, 06:22:01 AM |
|
THis probably happens because botnets are probably distributing bitcoin in order to mine on zombie computers... and as a few people find the intrusion and send the unwanted files they found on their machine to AV labs for analysis, it results in bitcoin executables being flagged as malware.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
June 28, 2011, 06:22:38 AM |
|
AVG also detects your cracks and keygens for your pirated software, whats new?
That's because cracks and keygens are trojans, more often than not.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
lateminer
Newbie
Offline
Activity: 22
Merit: 0
|
|
June 28, 2011, 06:56:26 AM |
|
Had to find out the hard way?
|
|
|
|
x0Jakeyboy0x
|
|
June 28, 2011, 07:42:14 AM |
|
I too noticed some funny activities. It asked permission to connect to 193.107.204.81 upon which my googling led to... --------------------------------------------------------- IP Address = 193.107.204.81 Threat Level = High Threat Category = Malware Controller Threat Description = Malware scan and infect source Hostname = irc.lfnet.org Service Provider = BLOCK FOR PI ASSIGNMENTS Domain Name = IPAPER.COM ASN Number = 50763 ASN Name = MCKAYCOM MCKAYCOM LTD Network Speed = DSL Country CC = UK Country = UNITED KINGDOM Region = - City = - Longitude = -4.47300004959106 Latitude = 54.1500015258789 Zipcode = - TimeZone = +00:00 BestAnswer = 1 --------------- thank you for asking --------------------
Though maybe it doesn't like the idea of IRC. Hmm.
|
|
|
|
Gabi
Legendary
Offline
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
|
|
June 28, 2011, 07:47:28 AM |
|
Bitcoin client connect to irc to connect to other nodes if i am right
|
|
|
|
BCwinning
|
|
June 28, 2011, 07:48:41 AM |
|
I ran avg on a win7 box and it didn't flag bitcoin. Where did you download your source from?
|
The New World Order thanks you for your support of Bitcoin and encourages your continuing support so that they may track your expenditures easier.
|
|
|
nvmind (OP)
Newbie
Offline
Activity: 17
Merit: 0
|
|
June 28, 2011, 08:02:48 AM |
|
|
|
|
|
BCwinning
|
|
June 28, 2011, 08:23:00 AM |
|
my exe wasn't the rc1, shouldn't matter it's a trusted site.
|
The New World Order thanks you for your support of Bitcoin and encourages your continuing support so that they may track your expenditures easier.
|
|
|
hsf_context
|
|
June 28, 2011, 09:29:02 AM |
|
Using AVG and so far no problems with Bitcoins.
|
Digital artist for hire! Sketches anyone? Want a custom Photoshop artwork? PM me! GIF banners available too!
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
June 28, 2011, 09:29:53 AM |
|
This is heuristic detection based on the code doing a number of things AVG considers suspicious. For one thing, it's receiving a lot of network connections on a port unknown to AVG. The thing that puzzles me though is AVG says it's injecting code. There are a number of legitimate reasons it might do that, but I can't figure out from the source why it would be doing that.
Those not having problems may have heuristic detection off or may have the threshold set higher. Heuristic detection will have a lot of false positives.
|
I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
syb3ria
Newbie
Offline
Activity: 55
Merit: 0
|
|
June 28, 2011, 09:52:18 AM |
|
I don't know about AVG, but you may check the miner with http://www.virustotal.com/. Last time i checked, all the AV/malware scanners said it's clear
|
|
|
|
schickel
Newbie
Offline
Activity: 8
Merit: 0
|
|
July 18, 2011, 07:26:19 AM |
|
I also had a flag from AVG. This, though, was a flag for a PUP (Potentially Unwanted Program) raised on UfaSoft's bitcoin-miner.exe. I'm assuming this was becuase of distribution by trojans dropping the miner on PCs to generate hashes for the distributer....
|
|
|
|
The00Dustin
|
|
July 18, 2011, 10:16:03 AM |
|
I also had a flag from AVG. This, though, was a flag for a PUP (Potentially Unwanted Program) raised on UfaSoft's bitcoin-miner.exe. I'm assuming this was becuase of distribution by trojans dropping the miner on PCs to generate hashes for the distributer.... And because a corporation might not want its employees using their resources for mining...
|
|
|
|
repentance
|
|
July 18, 2011, 10:29:41 AM |
|
I'm aware of someone who unexpectedly found bitc.exe *32 on their computer today and has submitted it to the major AV companies for analysis.
|
All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
|
|
|
|