Bitcoin Forum
December 09, 2016, 07:42:42 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Is my PC associated with Bitmining botnet?  (Read 1116 times)
Brien
Newbie
*
Offline Offline

Activity: 2


View Profile
April 01, 2012, 02:59:52 AM
 #1

I am aware of what bitcoins are, but I do not use nor farm them. Today after looking at my startup items on my PC, I noticed there was a strange entry that I will put below. Upon further research, Me, or my PC, is associated with a bitcoin ID http://eligius.st/~artefact2/7/1GsrNGM64zfyKec37miLh655KKQeGX91cg. Supposedly his bitrate is near 5000mh/s.

Is it safe to say that that is not an achieveable number under 1 PC's standard? I'm just making sure because I do not remember installing anything bitcoin related and believe I have downloaded an infected file that is using my PC to farm.


Entry is below


C:\Users\Null\AppData\Roaming\2 3\j.exe "%appdata%\2 3\svchost.exe" -o http://mining.eligius.st:8337 -u 1GsrNGM64zfyKec37miLh655KKQeGX91cg -p x
1481312562
Hero Member
*
Offline Offline

Posts: 1481312562

View Profile Personal Message (Offline)

Ignore
1481312562
Reply with quote  #2

1481312562
Report to moderator
1481312562
Hero Member
*
Offline Offline

Posts: 1481312562

View Profile Personal Message (Offline)

Ignore
1481312562
Reply with quote  #2

1481312562
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481312562
Hero Member
*
Offline Offline

Posts: 1481312562

View Profile Personal Message (Offline)

Ignore
1481312562
Reply with quote  #2

1481312562
Report to moderator
1481312562
Hero Member
*
Offline Offline

Posts: 1481312562

View Profile Personal Message (Offline)

Ignore
1481312562
Reply with quote  #2

1481312562
Report to moderator
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1092


Will read PM's. Have more time lately


View Profile
April 01, 2012, 03:02:40 AM
 #2

You are a part of the botnet. Eligius allows many computers to connect as one address, so the ~5GHs should be from around 10 PC's. I'll PM Luke-JR and ask him to take a look.

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

Brien
Newbie
*
Offline Offline

Activity: 2


View Profile
April 01, 2012, 03:04:15 AM
 #3

Yeah, I assumed so. Anyway, the file directory and process has been deleted but just to be safe I have to fresh install now, since I'm most likely backdoored.
5850Guy
Newbie
*
Offline Offline

Activity: 28



View Profile
April 05, 2012, 11:26:10 PM
 #4

Yeah, I assumed so. Anyway, the file directory and process has been deleted but just to be safe I have to fresh install now, since I'm most likely backdoored.

You might want to consider a reformat.

You never know what other nasty stuff you might have on there now.

I bought a used Radeon 5850 and the GPU fan died within 2 weeks :-(
Help me get back in the game (send some spare BTC!):  1MZtrwLp95HG9MXgrFroki6PZ61ttLtg2v
Thank you!
5850Guy
Newbie
*
Offline Offline

Activity: 28



View Profile
April 05, 2012, 11:29:31 PM
 #5

Yeah, I assumed so. Anyway, the file directory and process has been deleted but just to be safe I have to fresh install now, since I'm most likely backdoored.

You might want to consider a reformat.

You never know what other nasty stuff you might have on there now.

Ah, whoops!  Missed the fact that you re-installed!

Good job!  A fresh install is a pain, but always a good security decision!

I bought a used Radeon 5850 and the GPU fan died within 2 weeks :-(
Help me get back in the game (send some spare BTC!):  1MZtrwLp95HG9MXgrFroki6PZ61ttLtg2v
Thank you!
Luke-Jr
Legendary
*
Offline Offline

Activity: 2100



View Profile
April 05, 2012, 11:41:13 PM
 #6

Recently added to Eligius's FAQ: Help! I'm infected with a virus using your service!

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!