Bitcoin Forum
November 13, 2024, 04:47:01 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Bitcoin Forum > Alternate cryptocurrencies > Mining (Altcoins) > ATTENTION ! Dangerous trojan on this forum from HERO member !!!
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: ATTENTION ! Dangerous trojan on this forum from HERO member !!!  (Read 359 times)
quantumj (OP)
Jr. Member
*
Offline Offline

Activity: 56
Merit: 1


View Profile
February 10, 2020, 08:29:04 AM
Last edit: February 10, 2020, 10:19:40 AM by quantumj
 #1
TOPIC
https://bitcointalk.org/index.php?topic=5223499

ATTENTION !!!
TROJAN DETECTED!!!
IMMEDIATELY AFTER YOU RUN .EXE FILE ANOTHER FILES CREATED:
--- Backdoor.Agent.Generic (Malwarebytes report), C:\USERS\*****\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEMHOST.URL
Quote
[InternetShortcut]
C:\Users\*****\Documents\IISExpress\Bypass\Interpeter.exe
IconIndex=0
IconFile=C:/Users/*****/Documents/IISExpress/Bypass/Interpeter.exe
--- TROJAN FILE NAMED 'Interpeter.exe' CREATED HERE 'C:\Users\*****\Documents\IISExpress\Bypass\
https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detection

Quote
[02.10 00:00:30] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 open through
[02.10 00:00:35] Interpeter.exe - np.shandow.ru:443 open through
[02.10 00:00:36] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 close, 570 bytes sent, 39429 bytes (38.5 KB) received, lifetime 00:06
[02.10 00:00:39] Interpeter.exe - np.shandow.ru:443 close, 356 bytes sent, 314965 bytes (307 KB) received, lifetime 00:04
Interpeter.exe immediately establish connection with np.shandow.ru:443 and start to download malicious software.
Lafu
Legendary
*
Offline Offline

Activity: 3150
Merit: 3228



View Profile
February 10, 2020, 05:13:54 PM
 #2
You should be Moving this thread to the Mining Section so all can see it there.
And yes it dosnt looks good and have some Malware and Trojan in it .
Report the thread if you think its dangerous.
..Betcoin.ag..
▄▄█████▌███▄▄
▄▄████████▄▄▄████▄▄
▄███▄▄█▀▄▄▄▄▄▄▄▀██████▄
▄██▄█▀▄▄████▄▄█▄▄█████▄
▄████▀▄██████████▄██▄██▌██▄
████▌▐█████▐██▀██▌██▌▐████
▀▀▀█▌▐███████████▀███▌▐█▄▄▄
████▌▐███▄██▀████████▌▐████
▀██▐█▄▀██▀███████▀██▀▄████▀
▀████▄▀▀█▀▀████▀▀▄█▀██▀
▀██████▄▄▀▀▀▀▀▄▄█▀▀███▀
▀▀████▀▀▀████████▀▀
▀▀████▀▀███▐██████▀████▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀
..#1 Bitcoin Casino.........Sportsbook..........Provably Fair...
rikko72
Hero Member
*****
Offline Offline

Activity: 1022
Merit: 543



View Profile
February 11, 2020, 12:33:22 AM
 #3
Quote from: quantumj on February 10, 2020, 08:29:04 AM
TOPIC
https://bitcointalk.org/index.php?topic=5223499

ATTENTION !!!
TROJAN DETECTED!!!
IMMEDIATELY AFTER YOU RUN .EXE FILE ANOTHER FILES CREATED:
--- Backdoor.Agent.Generic (Malwarebytes report), C:\USERS\*****\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEMHOST.URL
Quote
[InternetShortcut]
C:\Users\*****\Documents\IISExpress\Bypass\Interpeter.exe
IconIndex=0
IconFile=C:/Users/*****/Documents/IISExpress/Bypass/Interpeter.exe
--- TROJAN FILE NAMED 'Interpeter.exe' CREATED HERE 'C:\Users\*****\Documents\IISExpress\Bypass\
https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detection

Quote
[02.10 00:00:30] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 open through
[02.10 00:00:35] Interpeter.exe - np.shandow.ru:443 open through
[02.10 00:00:36] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 close, 570 bytes sent, 39429 bytes (38.5 KB) received, lifetime 00:06
[02.10 00:00:39] Interpeter.exe - np.shandow.ru:443 close, 356 bytes sent, 314965 bytes (307 KB) received, lifetime 00:04
Interpeter.exe immediately establish connection with np.shandow.ru:443 and start to download malicious software.
go to the official branch and show it there. I bet you are the offended user who has already robbed
joblo
Legendary
*
Offline Offline

Activity: 1470
Merit: 1114


View Profile
February 11, 2020, 01:41:54 AM
 #4
Quote from: rikko72 on February 11, 2020, 12:33:22 AM
go to the official branch and show it there. I bet you are the offended user who has already robbed

You haven't addressed the claim there either. Simple denials mean nothing.

Multiple users have reported it so it's not just one.
AKA JayDDee, cpuminer-opt developer. https://github.com/JayDDee/cpuminer-opt
https://bitcointalk.org/index.php?topic=5226770.msg53865575#msg53865575
BTC: 12tdvfF7KmAsihBXQXynT6E6th2c2pByTT,
Pages: [1]
  Print  
Bitcoin Forum > Alternate cryptocurrencies > Mining (Altcoins) > ATTENTION ! Dangerous trojan on this forum from HERO member !!!
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!