|
TheFridge
|
 |
August 05, 2014, 02:10:57 PM |
|
Is there a link to a virustotal report that shows the qt wallet with the trojan?
Unfortunately I have formatted the infected PC. Didnt really want it hanging around my network with all the miners and other PC's So you try to warn other people without any kind of proof except for your word? That's funny, even if this wallet actually contained a virus. What's your credibility? Look im just here to warn people, for me if I was standing on the outside it is clear as day what is going on here. And im not the only person. But everyone can make their own decisions up, whatever, my BTC and all other coins I had on that PC are gone so I have nothing to lose or gain here. I haven't opened my wallets yet to see if anything is missing on other coins. I also didn't have any coins in the zipcoin wallet as i only started yesterday. so left them on the pool. Just not sure whether to format which will take a day of two due to the info i have on the comp. Or just open and find out the hard way. lol The only time i use the Zipcoin wallet was to check for the 'anon' feature of the coin (which is non existent mind you) So yer all it needed was to be opened once and the virus was in |
|
|
|
|
|
|
|
|
|
TheFridge
|
|
August 05, 2014, 02:13:13 PM |
|
Is there a link to a virustotal report that shows the qt wallet with the trojan?
Unfortunately I have formatted the infected PC. Didnt really want it hanging around my network with all the miners and other PC's So you try to warn other people without any kind of proof except for your word? That's funny, even if this wallet actually contained a virus. What's your credibility? I HAVEN'T reformatted yet! I have deleted the files from the locals folder (and from the recycle bin) but I think the original QT I downloaded is still sat there in the bin. Fridge...was the original link you downloaded from mega just the QT and not zipped in a rar? If so I have that same QT because I can't seem to find a ZIP version of the wallet. If you need proof I could upload this or something not sure how dangerous it is for me/you guys. If there is any other way we could verify I wont be reformatting for a couple hours so we can prove this to the community For me it was only a QT that i downloaded, and it was from this URL: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo, and yes you should upload it with a warning so other people can run it and see. I would have uploaded but I started reformatting before I decided to post as well. Ok so I'm in the same boat I JUST have the QT downloaded. If I move this file back into the 'download' folder will I be OK if I dont run it? And then should I just upload the file? and to where? (sorry n00b needs help) As long as you don't run it you should be fine. Go to the following site and upload it then click on Scan. https://www.virustotal.com/Just remember though the files you deleted from the locals folder (ztor.exe and zipcoin-qt.exe) were the suspected viruses. Not sure if it will show anything up if they are not in those files anymore |
|
|
|
|
Snoop Dogg
Newbie
 Offline
Activity: 14
Merit: 0
|
|
August 05, 2014, 02:15:11 PM |
|
interest coin to know and learn about what manipulated will they use .  curious |
|
|
|
|
EntryPoint
Newbie
Offline
Activity: 54
Merit: 0
|
|
August 05, 2014, 02:15:29 PM |
|
Is there a link to a virustotal report that shows the qt wallet with the trojan?
Unfortunately I have formatted the infected PC. Didnt really want it hanging around my network with all the miners and other PC's So you try to warn other people without any kind of proof except for your word? That's funny, even if this wallet actually contained a virus. What's your credibility? I HAVEN'T reformatted yet! I have deleted the files from the locals folder (and from the recycle bin) but I think the original QT I downloaded is still sat there in the bin. Fridge...was the original link you downloaded from mega just the QT and not zipped in a rar? If so I have that same QT because I can't seem to find a ZIP version of the wallet. If you need proof I could upload this or something not sure how dangerous it is for me/you guys. If there is any other way we could verify I wont be reformatting for a couple hours so we can prove this to the community For me it was only a QT that i downloaded, and it was from this URL: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo, and yes you should upload it with a warning so other people can run it and see. I would have uploaded but I started reformatting before I decided to post as well. Ok so I'm in the same boat I JUST have the QT downloaded. If I move this file back into the 'download' folder will I be OK if I dont run it? And then should I just upload the file? and to where? (sorry n00b needs help) It should be ok if you dont run it. Upload it to megaupload again please and post the link, like I said previously it comes up clean on virus scanners. People need to download that wallet though and run it on virtual machine so they can see that it does create the backdoor. |
|
|
|
|
|
jdh015232
|
|
August 05, 2014, 02:21:00 PM |
|
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
theirs been 6 btc of zip eaten by one guy from his 10 btc buywall and he still is leaving 4btc more to get sold into.
this is so obvious a fudd attempt for ppl to get rid of all their cheap coins while a whale collects, nobody buys 10btc of a shitcoin without a plan, get a clue ppl go look at bittrex his buywall is still up
|
|
|
|
|
|
madbit1000
|
|
August 05, 2014, 02:24:28 PM |
|
Yeap, virustotal does not prove it's clean. I'm almost convinced that all this is not just FUD to get cheap coins. BTW, why don't you guys encrypt your wallets? That's why encryption is there for. To avoid situations like this. Are you sure you are nothing to do with this virus. If we encrypt the wallet, you or the keylogger will have access to all our coins. Are you for real.. |
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
EntryPoint
Newbie
Offline
Activity: 54
Merit: 0
|
|
August 05, 2014, 02:25:20 PM |
|
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
No the malicious wallet was linked in this announcement 2 days ago. zipdev _ account was created today, so how did I download from him before his account existed? |
|
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 05, 2014, 02:26:00 PM |
|
Is there a link to a virustotal report that shows the qt wallet with the trojan?
Unfortunately I have formatted the infected PC. Didnt really want it hanging around my network with all the miners and other PC's So you try to warn other people without any kind of proof except for your word? That's funny, even if this wallet actually contained a virus. What's your credibility? I HAVEN'T reformatted yet! I have deleted the files from the locals folder (and from the recycle bin) but I think the original QT I downloaded is still sat there in the bin. Fridge...was the original link you downloaded from mega just the QT and not zipped in a rar? If so I have that same QT because I can't seem to find a ZIP version of the wallet. If you need proof I could upload this or something not sure how dangerous it is for me/you guys. If there is any other way we could verify I wont be reformatting for a couple hours so we can prove this to the community For me it was only a QT that i downloaded, and it was from this URL: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo, and yes you should upload it with a warning so other people can run it and see. I would have uploaded but I started reformatting before I decided to post as well. Ok so I'm in the same boat I JUST have the QT downloaded. If I move this file back into the 'download' folder will I be OK if I dont run it? And then should I just upload the file? and to where? (sorry n00b needs help) It should be ok if you dont run it. Upload it to megaupload again please and post the link, like I said previously it comes up clean on virus scanners. People need to download that wallet though and run it on virtual machine so they can see that it does create the backdoor. You are right! it came up clean! Uploading to megaupload now so you guys can do your wizard shit and take a look. If you don't find anything I could try find a way to get them files that I deleted from the 'Locals' folder (and the recycle bin) if there is a way? |
|
|
|
|
|
madbit1000
|
|
August 05, 2014, 02:26:48 PM |
|
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
theirs been 6 btc of zip eaten by one guy from his 10 btc buywall and he still is leaving 4btc more to get sold into.
this is so obvious a fudd attempt for ppl to get rid of all their cheap coins while a whale collects, nobody buys 10btc of a shitcoin without a plan, get a clue ppl go look at bittrex his buywall is still up
I only visit these shithole sites on a rare occasion i need to find something out. otherwise i wouldnt waste my time here and if arseholes didnt keep fucking about with peoples lives i wouldn't need to be here now. Look the wallet is clean, its the ztor.exe file thats infected. But wont let me upload it to test it on virustotal. odd Anyone got any other solutions so i can test it. i am about to run an antivirus to test. |
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
|
TheFridge
|
|
August 05, 2014, 02:27:20 PM |
|
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets. I downloaded the wallet from the OP and so did others. Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/These are the viruses. EDIT: netsh.exe is also in there |
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2014, 02:31:24 PM |
|
wtf,
dev is not responding at all
|
|
|
|
|
|
TheFridge
|
|
August 05, 2014, 02:32:15 PM |
|
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
theirs been 6 btc of zip eaten by one guy from his 10 btc buywall and he still is leaving 4btc more to get sold into.
this is so obvious a fudd attempt for ppl to get rid of all their cheap coins while a whale collects, nobody buys 10btc of a shitcoin without a plan, get a clue ppl go look at bittrex his buywall is still up
Unless your the coin cloner with a massive bag that wants to sell higher. Havent people cottoned on to these things yet? |
|
|
|
|
|
madbit1000
|
|
August 05, 2014, 02:38:03 PM |
|
|
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
|
madbit1000
|
|
August 05, 2014, 02:41:06 PM |
|
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets. I downloaded the wallet from the OP and so did others. Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/These are the viruses. EDIT: netsh.exe is also in there For information.: https://cryptocointalk.com/topic/13908-zipcoin-zip-information/ |
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
|
jdh015232
|
|
August 05, 2014, 02:43:33 PM |
|
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
|
|
|
|
|
|
TheFridge
|
|
August 05, 2014, 02:43:39 PM |
|
Yeap, virustotal does not prove it's clean. I'm almost convinced that all this is not just FUD to get cheap coins. BTW, why don't you guys encrypt your wallets? That's why encryption is there for. To avoid situations like this. Are you sure you are nothing to do with this virus. If we encrypt the wallet, you or the keylogger will have access to all our coins. Are you for real.. Obviously, wallet encryption is just another layer of security. It would just give you some time to find out about the virus problem and further protect your other wallets. FYI, without encryption ALL your wallets are in danger EVERY time you run a 3rd party proprietary application on your pc. I fucked up by not encrypting, I know. I have just ordered this https://www.buytrezor.com/ should help with BTC wallets at least |
|
|
|
|
|
TheFridge
|
|
August 05, 2014, 02:45:35 PM |
|
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
Pools and exchanges build the wallets from source, the source does not have the viruses. Only we were infected because we downloaded the packaged .exe with the viruses |
|
|
|
|
Jookly
Legendary
Offline
Activity: 1131
Merit: 1007
|
|
August 05, 2014, 02:46:20 PM |
|
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
It could be that they were looking for specific coins? I don't know. I haven't had anything taken either but all this talk has got me a little worried. Guess I will reformat to be safe. Thanks Zipcoin!  |
|
|
|
|
|
