ALERT!! BEWARE Of PhenixCoin.com. PXC Coin. VIRUS!!

Rex_Heston

member

Activity: 69

Merit: 10

Quote from: Charles999 on May 23, 2013, 04:45:03 PM

Okay here's the bottom line. Your code is suspicious that's why these virus scanners are warning us. Just think of it this way. You walk down the street and see the sign "Blood and Crips Territory, Dangerous, Possible chance of losing your life.." would you continue to use that road or would you heed the warning.

If there's a way to remove the suspicious code, why don't you do it before packaging it for miners.

No, here's the bottom line: it doesn't work that way, and your analogy doesn't apply to this situation. It can only warn you if you have reason to believe the code is infected, or if you have no idea of its pedigree. Since you have an entire forum telling you it's fine (and believe me, I've gotten these same warnings you have, so I know what I'm talking about), then you have an idea of its pedigree, and can be assured that, barring an entire forum's worth of people having traumatic brain injuries, you can stop worrying.

GSnak

full member

Activity: 182

Merit: 100

There's a lot of programs on torrents (games, CAD, graphics) that have miners built in because people assume those looking for those programs have high-end video cards, thus these programs being target by anti-malware.

AbiTxGroup

sr. member

Activity: 447

Merit: 250

Quote from: aetos on May 23, 2013, 04:46:02 PM

Quote from: AbiTxGroup on May 23, 2013, 04:35:47 PM

Just replace the two files that are being tagged, libcurl-4.dll and pthreadGC2.dll, and then all is clean.

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I replaced both files and ran the phenixcoin-qt with no problem.

I was going to replace the files and zip it up to post, but hey, why trust a file I post up.

those files are in cgminer also and many other wallets
scanning revealed nothing yet.
than again unless you are going to solo mine there is no need to have a wallet lol just mine in pools and auto payout to an exchange:)

First off, cgminer is a miner and not a wallet.

Secondly, the above two files that I listed are in cgminer v2.9.7-1 and are different sizes than what are in the phenix qt. Of the two, only the libcurl-4.dll has the same "hits", the pthreadGC2.dll is clean.

In cgminer 3.0.1 and 3.1.1, neither file is used, so no problem there.

I only have a few of the other coin wallet windows client files on this computer to compare (linux laptop), but the ones that I did have also did not have these two files in them.

aetos

sr. member

Activity: 294

Merit: 250

Quote from: aetos on May 23, 2013, 04:46:02 PM

Quote from: AbiTxGroup on May 23, 2013, 04:35:47 PM

Just replace the two files that are being tagged, libcurl-4.dll and pthreadGC2.dll, and then all is clean.

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I replaced both files and ran the phenixcoin-qt with no problem.

I was going to replace the files and zip it up to post, but hey, why trust a file I post up.

those files are in cgminer also and many other wallets
scanning revealed nothing yet.
than again unless you are going to solo mine there is no need to have a wallet lol just mine in pools and auto payout to an exchange:)

i am not a miner nor anything with phenix other than the donation i got of 3 coins and multipling it in the poker site:)

aetos

sr. member

Activity: 294

Merit: 250

Quote from: AbiTxGroup on May 23, 2013, 04:35:47 PM

Just replace the two files that are being tagged, libcurl-4.dll and pthreadGC2.dll, and then all is clean.

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I replaced both files and ran the phenixcoin-qt with no problem.

I was going to replace the files and zip it up to post, but hey, why trust a file I post up.

those files are in cgminer also and many other wallets
scanning revealed nothing yet.
than again unless you are going to solo mine there is no need to have a wallet lol just mine in pools and auto payout to an exchange:)

Charles999

full member

Activity: 224

Merit: 100

Okay here's the bottom line. Your code is suspicious that's why these virus scanners are warning us. Just think of it this way. You walk down the street and see the sign "Blood and Crips Territory, Dangerous, Possible chance of losing your life.." would you continue to use that road or would you heed the warning.

If there's a way to remove the suspicious code, why don't you do it before packaging it for miners.

Quote from: AbiTxGroup on May 23, 2013, 04:35:47 PM

Just replace the two files that are being tagged, libcurl-4.dll and pthreadGC2.dll, and then all is clean.

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I replaced both files and ran the phenixcoin-qt with no problem.

I was going to replace the files and zip it up to post, but hey, why trust a file I post up.

AbiTxGroup

sr. member

Activity: 447

Merit: 250

Quote from: bonsai99 on May 23, 2013, 04:38:05 PM

Quote from: AbiTxGroup on May 23, 2013, 04:35:47 PM

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I wouldn't download dlls from those shifty websites if I were you.

Your choice, as I said those files should also be tested.

I myself, used the files I found that had no "hits" with scanners, than the ones that did "hit". Simple choice for me.

bonsai99

member

Activity: 112

Merit: 10

Quote from: AbiTxGroup on May 23, 2013, 04:35:47 PM

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I wouldn't download dlls from those shifty websites if I were you.

AbiTxGroup

sr. member

Activity: 447

Merit: 250

Just replace the two files that are being tagged, libcurl-4.dll and pthreadGC2.dll, and then all is clean.

A simple google search will get you both files from a dll-files website. But, again, you should also test those files.

I replaced both files and ran the phenixcoin-qt with no problem.

I was going to replace the files and zip it up to post, but hey, why trust a file I post up.

Rex_Heston

member

Activity: 69

Merit: 10

Quote from: Charles999 on May 23, 2013, 03:41:26 PM

Just stating the facts with what I encountered. I suggest you clean out the virus before uploading it again for distribution. We don't pay good money for Virus Scanners like Kaspersky and MCFee to ignore their warnings.

"False positive" means there is no virus. It is reporting a false detection. It is safe.

I get false positives all the time with programs that I have created, because the anti-virus software doesn't have enough info to know whether it is safe or not, and so it trashes programs that I WRITE BY MY OWN HAND, which guarantees there isn't a virus in it, even though it says it does.

While I appreciate your vigilance (there really needs to be more people like you on the internet, actually. It would stop phishers in their tracks), you do need to learn anti-virus vocabulary, and learn to trust people who have as much to lose as you do when they say there is nothing wrong.

smoothie

legendary

Activity: 2492

Merit: 1473

LEALANA Bitcoin Grim Reaper

LOL amateur coders?

r3animation

hero member

Activity: 756

Merit: 500

Jr. members.

lol.

oroqen

sr. member

Activity: 280

Merit: 250

Obvious troll is obvious

Charles999

full member

Activity: 224

Merit: 100

Just stating the facts with what I encountered. I suggest you clean out the virus before uploading it again for distribution. We don't pay good money for Virus Scanners like Kaspersky and MCFee to ignore their warnings.

sidelsky18

newbie

Activity: 56

Merit: 0

It doesn't have a virus, though it is a shitty promotional altcoin.

sor.rge

newbie

Activity: 42

Merit: 0

On a side note, it's funny how people seem to assume that Linux or source code distribution somehow is a guarantee against Trojans. Beware, this may be exploited.

BrewCrewFan

hero member

Activity: 672

Merit: 501

Im just wondering how many wallets get picked up as viruses....all lead to just being what virus detection programs do all the time... most times harmless.

syn999

full member

Activity: 196

Merit: 100

Quote from: MaGNeT on May 23, 2013, 03:15:17 PM

Oh no, not this hit again...

hdclover is not here yet

MaGNeT

legendary

Activity: 1526

Merit: 1002

Waves | 3PHMaGNeTJfqFfD4xuctgKdoxLX188QM8na

Oh no, not this hit again...

cryptohunter

legendary

Activity: 2100

Merit: 1167

MY RED TRUST LEFT BY SCUMBAGS - READ MY SIG

Quote from: Charles999 on May 23, 2013, 03:01:11 PM

Thanks for posting the proof Bonsai!! Don't try to steal windows users account with your trojan. I was planning on mining this but it seems quite sneaky of your coin to try to steal Window's users accounts. Shame on you.

Another scam! I have you on my shit list now.

Quote from: bonsai99 on May 23, 2013, 02:53:20 PM

Quote from: Charles999 on May 23, 2013, 02:44:19 PM

Okay, I downloaded the windows client and this software had a trojan horse detected. I quickly removed it. I am going to only use the Linux version. But for windows users, download and install at your own risk.

Make sure you don't install into the same computer you have your other valuable coins in.

Someone update the windows client and make sure no viruses in it. Noobs are suffering.

Clean with two false positives
https://www.virustotal.com/en/file/0bc9bb748df0f7d1db00d35bb0964602c3d1fa806cbe349321315170bf4e8af6/analysis/1369338719/

it is a false positive - meaning it is NOT a virus , i got the same thing too, but it's okay it's nothing to worry about.

Topic: ALERT!! BEWARE Of PhenixCoin.com. PXC Coin. VIRUS!! (Read 1788 times)