Bitcoin Forum
May 25, 2017, 07:05:06 AM *
News: Latest stable version of Bitcoin Core: 0.14.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Is my PC associated with Bitmining botnet?  (Read 1150 times)
Brien
Newbie
*
Offline Offline

Activity: 2


View Profile
April 01, 2012, 02:59:52 AM
 #1

I am aware of what bitcoins are, but I do not use nor farm them. Today after looking at my startup items on my PC, I noticed there was a strange entry that I will put below. Upon further research, Me, or my PC, is associated with a bitcoin ID http://eligius.st/~artefact2/7/1GsrNGM64zfyKec37miLh655KKQeGX91cg. Supposedly his bitrate is near 5000mh/s.

Is it safe to say that that is not an achieveable number under 1 PC's standard? I'm just making sure because I do not remember installing anything bitcoin related and believe I have downloaded an infected file that is using my PC to farm.


Entry is below


C:\Users\Null\AppData\Roaming\2 3\j.exe "%appdata%\2 3\svchost.exe" -o http://mining.eligius.st:8337 -u 1GsrNGM64zfyKec37miLh655KKQeGX91cg -p x
1495695906
Hero Member
*
Offline Offline

Posts: 1495695906

View Profile Personal Message (Offline)

Ignore
1495695906
Reply with quote  #2

1495695906
Report to moderator
1495695906
Hero Member
*
Offline Offline

Posts: 1495695906

View Profile Personal Message (Offline)

Ignore
1495695906
Reply with quote  #2

1495695906
Report to moderator
POLONIEX TRADING SIGNALS
+50% Profit and more via TELEGRAM
ALTCOINTRADER.CO
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1134


Will read PM's. Have more time lately


View Profile
April 01, 2012, 03:02:40 AM
 #2

You are a part of the botnet. Eligius allows many computers to connect as one address, so the ~5GHs should be from around 10 PC's. I'll PM Luke-JR and ask him to take a look.

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

Brien
Newbie
*
Offline Offline

Activity: 2


View Profile
April 01, 2012, 03:04:15 AM
 #3

Yeah, I assumed so. Anyway, the file directory and process has been deleted but just to be safe I have to fresh install now, since I'm most likely backdoored.
5850Guy
Newbie
*
Offline Offline

Activity: 28



View Profile
April 05, 2012, 11:26:10 PM
 #4

Yeah, I assumed so. Anyway, the file directory and process has been deleted but just to be safe I have to fresh install now, since I'm most likely backdoored.

You might want to consider a reformat.

You never know what other nasty stuff you might have on there now.

I bought a used Radeon 5850 and the GPU fan died within 2 weeks :-(
Help me get back in the game (send some spare BTC!):  1MZtrwLp95HG9MXgrFroki6PZ61ttLtg2v
Thank you!
5850Guy
Newbie
*
Offline Offline

Activity: 28



View Profile
April 05, 2012, 11:29:31 PM
 #5

Yeah, I assumed so. Anyway, the file directory and process has been deleted but just to be safe I have to fresh install now, since I'm most likely backdoored.

You might want to consider a reformat.

You never know what other nasty stuff you might have on there now.

Ah, whoops!  Missed the fact that you re-installed!

Good job!  A fresh install is a pain, but always a good security decision!

I bought a used Radeon 5850 and the GPU fan died within 2 weeks :-(
Help me get back in the game (send some spare BTC!):  1MZtrwLp95HG9MXgrFroki6PZ61ttLtg2v
Thank you!
Luke-Jr
Legendary
*
Offline Offline

Activity: 2170



View Profile
April 05, 2012, 11:41:13 PM
 #6

Recently added to Eligius's FAQ: Help! I'm infected with a virus using your service!

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!