Rhydic (OP)
|
|
August 25, 2011, 01:40:49 AM Last edit: May 27, 2015, 05:23:47 AM by Rhydic |
|
b
|
|
|
|
pekv2
|
|
August 25, 2011, 01:43:37 AM |
|
How'd you get that?
|
|
|
|
pekv2
|
|
August 25, 2011, 02:01:05 AM |
|
How'd you get that?
no idea
What was used to pick up the trojan?
|
|
|
|
Yuusha
|
|
August 25, 2011, 02:14:55 AM |
|
Looks like the malware removal tool built into Windows 7.
|
|
|
|
Exonumia
|
|
August 25, 2011, 02:50:32 AM |
|
everywhere
What do you mean everywhere? Most of the AV databases are flagging Ufasoft as a "possible threat" because it is being used in a trojan package as the miner for their botnet.
http://www.f-secure.com/weblog/archives/00002207.html
http://www.pcmag.com/article2/0,2817,2390290,00.asp
The theory is that if you know nothing about bitcoin and you find this program on your machine you know you have an issue. Does this mean the Ufasoft miner is a virus? I still don't think so... but... I can't say for sure it isn't. Ikarus (the av engine I use) labels it as "possible-Threat.Win32.BitCoinMiner", they originally labeled it as a Trojan but changed it to "possible threat" after many submitted it for analysis.
If you are wondering why you even have Ufasoft miner on your machine if you don't use it... it used to be included in Kiv's GUIMiner package (he has removed it from the package due to this alerting issue in the most current version, although it is still supported by GUIminer, you just need to download it separately now).
|
|
|
|
geek-trader
|
|
August 25, 2011, 03:38:37 AM |
|
Solution: Don't use Windows.
|
|
|
|
NothinG
|
|
August 25, 2011, 03:41:39 AM |
|
Solution: Don't use Windows.
...or Java.
|
|
|
|
geek-trader
|
|
August 25, 2011, 03:56:29 AM |
|
Solution: Don't use Windows.
...or Java.
Google Chrome will ask you before it runs Java from a web page. Very nice feature.
|
|
|
|
BitVapes
|
|
August 25, 2011, 05:15:16 AM |
|
Solution: Don't use Windows.
...or Java.
Google Chrome will ask you before it runs Java from a web page. Very nice feature.
and Chrome will track your every movement online and phone home to the Googleplex, where the FBI/CIA/NSA have direct access to the records without need for search warrants, awesome
|
|
|
|
NothinG
|
|
August 25, 2011, 05:35:08 AM |
|
Solution: Don't use Windows.
...or Java.
Google Chrome will ask you before it runs Java from a web page. Very nice feature.
and Chrome will track your every movement online and phone home to the Googleplex, where the FBI/CIA/NSA have direct access to the records without need for search warrants, awesome
Google can have my first born if they want.
|
|
|
|
vapourminer
|
|
August 25, 2011, 11:07:03 AM |
|
MSE flagged coinminer when I copied the July version of guiminer to a backup drive in preparation to install the new Aug version. coinminer is not used by guiminer unless you call it specifically, and is not in the new version.
tell MSE (or whatever) to Remove or Quarantine it and relax.. well, that's IF you found it in an old version of guiminer anyway. otherwise something tried to drop it in yer system.
|
|
|
|
Ten98
|
|
August 25, 2011, 12:36:50 PM |
|
MSE flagged coinminer when I copied the July version of guiminer to a backup drive in preparation to install the new Aug version. coinminer is not used by guiminer unless you call it specifically, and is not in the new version.
tell MSE (or whatever) to Remove or Quarantine it and relax.. well, that's IF you found it in an old version of guiminer anyway. otherwise something tried to drop it in yer system.
Yeah bit of a false positive tbqh. Not needed for GPU mining so Quarantine it if you like, I just "allow" it.
|
|
|
|
onesalt
|
|
August 25, 2011, 07:45:29 PM |
|
Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
|
|
|
|
NothinG
|
|
August 26, 2011, 12:55:03 AM |
|
Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
1 Million USD is toilet paper to Microshit.
|
|
|
|
onesalt
|
|
August 26, 2011, 02:39:47 AM |
|
Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
1 Million USD is toilet paper to Microshit.
Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
|
|
|
|
NothinG
|
|
August 26, 2011, 02:41:21 AM |
|
Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
1 Million USD is toilet paper to Microshit.
Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
I don't understand your sarcasm. Are you bashing on the people who know about botnets or...?
|
|
|
|
onesalt
|
|
August 26, 2011, 02:43:02 AM |
|
Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
1 Million USD is toilet paper to Microshit.
Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
I don't understand your sarcasm. Are you bashing on the people who know about botnets or...?
Do you understand how bounties work, this is important.
|
|
|
|
NothinG
|
|
August 26, 2011, 02:52:31 AM |
|
Hey wow look it's the exact same thing I pointed out like 2 fucking months ago which you idiots laughed about it and said I was a moronic trolling retard for pointing out, and OH LOOK AV companies have picked up on it and realised "hey shit this thing is propagating botnets!!" Which is bad fucking news because AV companies very quickly try to stamp out botnets and things associated with them. The fact Microsoft put up a bounty of a million dollars to stamp out a fairly low key botnet should be evidence enough of this, damn.
1 Million USD is toilet paper to Microshit.
Wow no shit it's almost like to anyone else who might actually have information as to who runs the botnet that might actually be quite a large sum of money! well done!!
I don't understand your sarcasm. Are you bashing on the people who know about botnets or...?
Do you understand how bounties work, this is important.
I think so... A group or individual wants something done, so they put an offer on the table for someone to complete it. Upon completion, the offer gets paid.
|
|
|
|
vapourminer
|
|
August 26, 2011, 07:38:39 AM |
|
[coinminer being flagged]
tell MSE (or whatever) to Remove or Quarantine it and relax.
Yeah bit of a false positive tbqh. Not needed for GPU mining so Quarantine it if you like, I just "allow" it.
true, not a threat per se. it was flagged a "medium" threat and listed as a legit program. just a possible symptom of a trojan or other problem. as I don't use it (or ever plan to) I figure I'll tell MSE to zap it and that way if something ever tried to drop it it's toast.
|
|
|
|
|