Bitcoin Forum
January 22, 2018, 04:24:08 AM *
News: Electrum users must upgrade to 3.0.5 if they haven't already. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Norton Internet Security's false positive. Tnx dmn trojan programers!  (Read 4531 times)
PLaci1982
Full Member
***
Offline Offline

Activity: 161


Live long and prosper. \\//,


View Profile
August 01, 2011, 08:14:57 PM
 #1

With the latest virus definitions NIS 2011 will detect an older version Ufasoft miner's bitcoin-miner.exe as Trojan.Gen (generic trojan)...
(I dl'ed it packed with GUI miner 20110614 and 20110701)

The current version are also marked "possibly bad" within Norton File Insight...

Hardware Expert / WinXP, Win7 Expert

1J5oPkyGVdb4mv44KGZQYsHS2ch6e1t4rc
1516595048
Hero Member
*
Offline Offline

Posts: 1516595048

View Profile Personal Message (Offline)

Ignore
1516595048
Reply with quote  #2

1516595048
Report to moderator
1516595048
Hero Member
*
Offline Offline

Posts: 1516595048

View Profile Personal Message (Offline)

Ignore
1516595048
Reply with quote  #2

1516595048
Report to moderator
If you want to be a moderator, report many posts with accuracy. You will be noticed.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
ssateneth
Legendary
*
Offline Offline

Activity: 1302



View Profile
August 01, 2011, 08:20:18 PM
 #2

The miner itself is not a virus. Norton flagged it because the miner is being used as part of an IRC-based trojan to steal your computer's resources and make the hacker some coins at your expense.

PLaci1982
Full Member
***
Offline Offline

Activity: 161


Live long and prosper. \\//,


View Profile
August 01, 2011, 08:25:37 PM
 #3

That's why I told it's a false positive. This script kiddies irritate me.
(A real pr0 could write it's own miner....)

Hardware Expert / WinXP, Win7 Expert

1J5oPkyGVdb4mv44KGZQYsHS2ch6e1t4rc
Starlightbreaker
Legendary
*
Offline Offline

Activity: 1610



View Profile
August 02, 2011, 02:52:53 AM
 #4

norton?

well, that's your problem.
i'd rather not using anything than using norton, lol.

.
   █████▄▄▄▄
   ████████████▄▄▄            ▀██████
   ███ ▀▀▀▀█████████▄          ▀█████
   ███         ▀▀▀█████▄         ▀███
   ███              ▀▀████▄▄███    ▀▀
   ███                ▀███████▀
   ███                    █████
   ███     ███▄         ▄███████
   ▐██▌     ▀███▄     ▄███▀  ███
   ▐███       ▀███▄▄ ███▀     ███
    ███▌        ▀████        ▐██▌
     ███         ████         ███
      ███      ▄█████▄       ▐██
       ███   ▄████▀ ▀███▄     ▐██
        ███▄████▀     ▀███▄   ███
         █████▀         ▀███▄████
          ██▀             ▀█████▌
                            ▀███▌
  ██████                      ▀▀
  ▀▀▀███
     ███
█         █   ███
 █        ███  ███  █
███       ███   █  ███
███   █   ███   █  ███
███  ███   █       ███
███  ███   █       ███
 █   ███            █
 █    █             █
█         █   ███
 █        ███  ███  █
███       ███   █  ███
███   █   ███   █  ███
███  ███   █       ███
███  ███   █       ███
 █   ███            █
 █    █             █
             JOIN US             
DISCORD TWITTER FACEBOOK
LINKEDIN WHITEPAPER
Diapolo
Hero Member
*****
Offline Offline

Activity: 676



View Profile WWW
August 03, 2011, 03:09:36 PM
 #5

I reported 3 false positives with CGMINER files to Avira, they issue(d) and Definition Update!

cgminer.exe
libcurl-4.dll
pthreadGC2-w32.dll

Dia

Liked my former work for Bitcoin Core? Drop me a donation via:
1PwnvixzVAKnAqp8LCV8iuv7ohzX2pbn5x
bitcoin:1PwnvixzVAKnAqp8LCV8iuv7ohzX2pbn5x?label=Diapolo
film2240
Legendary
*
Offline Offline

Activity: 1022


Freelance videographer


View Profile WWW
August 07, 2011, 05:56:40 PM
 #6

Comodo firewall on my system is also reporting this as well (huh I thought a firewall is just a firewall but it behaves like AV as well)

ufasoft.exe.It loads a cmd prompt then quickly closes without doing nything and then Comodo reports that it has a trojan.

[This signature is available for rent.BTC/ETH/LTC or £50 equivalent a month]
[This signature is available for rent.BTC/ETH/LTC or £50 equivalent a month]
[This signature is available for rent.BTC/ETH/LTC or £50 equivalent a month]
computer22
Jr. Member
*
Offline Offline

Activity: 43

Go mine @ www.mine-for-us and earn Bitcoins! :)


View Profile WWW
August 09, 2011, 05:11:30 AM
 #7

Comodo firewall on my system is also reporting this as well (huh I thought a firewall is just a firewall but it behaves like AV as well)

ufasoft.exe.It loads a cmd prompt then quickly closes without doing nything and then Comodo reports that it has a trojan.
It's a commandline tool. Add it to your exception list and try starting it with a -? or -h or -help parameter.

Check www.mine-for.us for a dedicated pool with low stale rates, good PPS rates and fast payout!
getcopy
Jr. Member
*
Offline Offline

Activity: 40



View Profile
August 19, 2011, 02:10:10 PM
 #8

Comodo firewall on my system is also reporting this as well (huh I thought a firewall is just a firewall but it behaves like AV as well)

ufasoft.exe.It loads a cmd prompt then quickly closes without doing nything and then Comodo reports that it has a trojan.

You could try to pack the exe file with UPX. Most antivirus programs are so stupid that they can't recognize the program after packing.

17HNRidPgCnyTuuwKx6L5c2bHJyJCHjVyF
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!