Bitcoin Forum
Author Topic: b  (Read 2262 times)
Rhydic (OP)
August 25, 2011, 01:40:49 AM
Last edit: May 27, 2015, 05:23:47 AM by Rhydic
 #1

b
pekv2
August 25, 2011, 01:43:37 AM
 #2

How'd you get that?
pekv2
August 25, 2011, 02:01:05 AM
 #3

What was used to pick up the trojan?
Yuusha
August 25, 2011, 02:14:55 AM
 #4

Looks like the malware removal tool built into Windows 7.
Exonumia
August 25, 2011, 02:50:32 AM
 #5



> everywhere

What do you mean everywhere?

Most of the AV databases are flagging Ufasoft as a "possible threat" because it is being used in a trojan package as the miner for their botnet.

http://www.f-secure.com/weblog/archives/00002207.html
http://www.pcmag.com/article2/0,2817,2390290,00.asp

The theory is that if you know nothing about bitcoin and you find this program on your machine you know you have an issue.
Does this mean the Ufasoft miner is a virus? I still don't think so... but... I can't say for sure it isn't.

Ikarus (the av engine I use) labels it as "possible-Threat.Win32.BitCoinMiner", they originally labeled it as a Trojan but changed it to "possible threat" after many submitted it for analysis.

If you are wondering why you even have Ufasoft miner on your machine if you don't use it... it used to be included in Kiv's GUIMiner package (he has removed it from the package due to this alerting issue in the most current version, although it is still supported by GUIminer, you just need to download it separately now).
geek-trader
August 25, 2011, 03:38:37 AM
 #6

Solution:  Don't use Windows.

NothinG
August 25, 2011, 03:41:39 AM
 #7

> Solution:  Don't use Windows.
...or Java.

geek-trader
August 25, 2011, 03:56:29 AM
 #8

> > Solution:  Don't use Windows.
> ...or Java.

Google Chrome will ask you before it runs Java from a web page.  Very nice feature.

BitVapes
August 25, 2011, 05:15:16 AM
 #9

> > > Solution:  Don't use Windows.
> > ...or Java.
>
> Google Chrome will ask you before it runs Java from a web page.  Very nice feature.

and Chrome will track your every movement online and phone home to the Googleplex, where the FBI/CIA/NSA have direct access to the records without need for search warrants, awesome

NothinG
August 25, 2011, 05:35:08 AM
 #10

> > > > Solution:  Don't use Windows.
> > > ...or Java.
> >
> > Google Chrome will ask you before it runs Java from a web page.  Very nice feature.
>
> and Chrome will track your every movement online and phone home to the Googleplex, where the FBI/CIA/NSA have direct access to the records without need for search warrants, awesome
Google can have my first born if they want.

vapourminer
August 25, 2011, 11:07:03 AM
 #11

MSE flagged coinminer when I copied the july version of guiminer to a backup drive in preparation to install the new aug version. coinminer is not used by guiminer unless you call it specifically, and is not in the new version.

tell MSE (or whatever) it to Remove or Quarantine it and relax.. well, that's IF you found it in an old version of guiminer anyway. otherwise something tried to drop it in yer system.
Ten98
August 25, 2011, 12:36:50 PM
 #12

> MSE flagged coinminer when I copied the july version of guiminer to a backup drive in preparation to install the new aug version. coinminer is not used by guiminer unless you call it specifically, and is not in the new version.
>
> tell MSE (or whatever) it to Remove or Quarantine it and relax.. well, that's IF you found it in an old version of guiminer anyway. otherwise something tried to drop it in yer system.

Yeah bit of a false positive tbqh. Not needed for GPU mining so Quarantine it if you like, I just "allow" it.
onesalt
August 25, 2011, 07:45:29 PM
 #13

Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
NothinG
August 26, 2011, 12:55:03 AM
 #14

> Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
1 Million USD is toilet paper to Microshit.

onesalt
August 26, 2011, 02:39:47 AM
 #15

> > Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
> 1 Million USD is toilet paper to Microshit.

Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
NothinG
August 26, 2011, 02:41:21 AM
 #16

> > > Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
> > 1 Million USD is toilet paper to Microshit.
>
> Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
I don't understand your sarcasm.
Are you bashing on the people who know about botnets or...?

onesalt
August 26, 2011, 02:43:02 AM
 #17

> > > > Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
> > > 1 Million USD is toilet paper to Microshit.
> >
> > Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
> I don't understand your sarcasm.
> Are you bashing on the people who know about botnets or...?

Do you understand how bounties work, this is important.
NothinG
August 26, 2011, 02:52:31 AM
 #18

> > > > > Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
> > > > 1 Million USD is toilet paper to Microshit.
> > >
> > > Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
> > I don't understand your sarcasm.
> > Are you bashing on the people who know about botnets or...?
>
> Do you understand how bounties work, this is important.
I think so...
A group or individual wants something done, so they put an offer on the table for someone to complete it.
Upon completion, the offer gets paid.

vapourminer
August 26, 2011, 07:38:39 AM
 #19

> > [coinminer being flagged]
> >
> > tell MSE (or whatever) it to Remove or Quarantine it and relax.
>
> Yeah bit of a false positive tbqh. Not needed for GPU mining so Quarantine it if you like, I just "allow" it.

true, not a threat per se. it was flagged a "medium" threat and listed as a legit program. just a possible symptom of a trojan or other problem.

as I don't use it (or ever plan to) I figure I'll tell MSE to zap it and that way if something ever tried to drop it it's toast.