
Topic: Be careful about Viruses! - page 2. (Read 2459 times)

legendary
Activity: 2184
Merit: 1028
#mitandopelomundo
July 16, 2015, 09:04:00 AM
#14
The most suspect thing about shrooms is that the dev deleted all of trader19's posts talking about it without answering anything.
legendary
Activity: 1036
Merit: 1000
8b 16b DEMOSCENE FTW
July 16, 2015, 09:01:49 AM
#13

I wonder how naive an evil dev would have to be to add evil code detectable by antivirus software. Sorry folks.

legendary
Activity: 1232
Merit: 1001
July 16, 2015, 08:57:58 AM
#12
It happened to me too. But it was last month. (The attacker downloaded my whole hard drive and then he deleted everything.)
I lost around 1.2 BTC..... Now I use only exchange wallets.

I'm sending a virtual hug to you.... How much did you lose?


Around 6 BTC worth of Crave at current market price.
legendary
Activity: 1232
Merit: 1001
July 16, 2015, 08:57:16 AM
#11
Today I got all my Crave stolen, and M1 too. Yesterday I downloaded two wallets, NOC (Nocturna) and SHRM (SHROOMS). I scanned both at Virustotal, but it looks like the infected wallet is fully undetected by antiviruses, so be careful with these new coins.
After posting in the SHROOMS thread about it, my post got deleted, so I assume the SHROOMS wallet is infected.

Have you considered (before blaming a wallet that is marked as clean by all the AV products on Virustotal) that it could have been other activity like bad browsing behavior or alternatively a bad wallet prior to yesterday but the attacker used the exploit only now?
Well, everything is possible. I found it suspicious that after getting those two wallets my coins are gone, and on top of it my post got deleted from the SHROOM thread without interaction. Anyway, I am just giving fair warning to you guys. The guy's a pro, as this malware is specifically designed to search remotely for txt and .dat files to find privkeys, as my wallets are encrypted. Unfortunately there was an old txt file somewhere on my HD with my privkeys, so be extra careful.
full member
Activity: 171
Merit: 100
July 16, 2015, 08:52:30 AM
#10
It happened to me too. But it was last month. (The attacker downloaded my whole hard drive and then he deleted everything.)
I lost around 1.2 BTC..... Now I use only exchange wallets.

I'm sending a virtual hug to you.... How much did you lose?

legendary
Activity: 1638
Merit: 1013
July 16, 2015, 08:48:55 AM
#9
Today I got all my Crave stolen, and M1 too. Yesterday I downloaded two wallets, NOC (Nocturna) and SHRM (SHROOMS). I scanned both at Virustotal, but it looks like the infected wallet is fully undetected by antiviruses, so be careful with these new coins.
After posting in the SHROOMS thread about it, my post got deleted, so I assume the SHROOMS wallet is infected.

Have you considered (before blaming a wallet that is marked as clean by all the AV products on Virustotal) that it could have been other activity like bad browsing behavior or alternatively a bad wallet prior to yesterday but the attacker used the exploit only now?
legendary
Activity: 1232
Merit: 1001
July 16, 2015, 08:39:15 AM
#8
Don't know which wallet, and if, but I got screwed. So be extra careful!!!
hero member
Activity: 532
Merit: 500
Better die on your feet, than live on your knees
July 16, 2015, 08:32:51 AM
#7
The Dev seems like a pro scam artist.
I took notice when his math on his coin total was wrong.


How is the coin total wrong? 200 * 3000 = 600,000, that's what was posted.
Have run 2 separate antivirus scans, both are clean.
hero member
Activity: 633
Merit: 500
B Money Prepaid Mastercard bmoney.io
July 16, 2015, 08:13:06 AM
#6
The Dev seems like a pro scam artist.
I took notice when his math on his coin total was wrong.
legendary
Activity: 2002
Merit: 1051
ICO? Not even once.
July 16, 2015, 08:09:15 AM
#5
Never ever run wallets outside of a controlled sandbox or VM. Or run them on a throwaway OS, otherwise you're asking to get your coins and even browser data stolen.

Virustotal can't detect everything either.
hero member
Activity: 770
Merit: 500
July 16, 2015, 08:07:06 AM
#4
I don't have the Crave wallet, but I've been using the Shrooms wallet without problems. Also, I have an antivirus that detects any suspicious behavior, not only by virus detections, and it is not showing anything wrong.
I guess the problem is somewhere else.
legendary
Activity: 1232
Merit: 1001
July 16, 2015, 08:04:06 AM
#3
NOC seems legit, dunno if it's a virus or not but it's working fine.
Yeah, I also think NOC is fine. SHRM is a funky wallet, I bet it is infected.
hero member
Activity: 712
Merit: 500
July 16, 2015, 08:02:42 AM
#2
NOC seems legit, dunno if it's a virus or not but it's working fine.
legendary
Activity: 1232
Merit: 1001
July 16, 2015, 08:01:52 AM
#1
Today I got all my Crave stolen, and M1 too. Yesterday I downloaded two wallets, NOC (Nocturna) and SHRM (SHROOMS). I scanned both at Virustotal, but it looks like the infected wallet is fully undetected by antiviruses, so be careful with these new coins.
After posting in the SHROOMS thread about it, my post got deleted, so I assume the SHROOMS wallet is infected.

Code:
Registrierungsschlüssel: 3
Backdoor.Agent.MSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIN32.EXE, , [1e532fb3e2a879bd8d1105416f947f81],
Backdoor.Agent.MSC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIN32.EXE, , [1e532fb3e2a879bd8d1105416f947f81],
Malware.Trace, HKU\S-1-5-21-3263657515-926084177-3591563880-1001\SOFTWARE\DC3_FEXEC, , [71000bd72169f83e79f88b62877c47b9],

Registrierungswerte: 1
PUP.Vulnerable.DellSystemDetect, HKU\S-1-5-21-3263657515-926084177-3591563880-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, C:\Users\0\AppData\Local\Apps\2.0\CWDABVX1.PTA\JEY57068.PLT\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe, , [3041ffe311798da93956bf48778c15eb]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 6
Stolen.Data, C:\Users\0\AppData\Roaming\dclogs, , [f978ba284d3d5fd79a3c47d431d3d22e],
Refog.Keylogger, C:\ProgramData\MPK, , [adc40fd34a403cfa34f2744fba4852ae],
Refog.Keylogger, C:\Windows\SysWOW64\MPK, , [fe73dc061f6b84b2e09c329bca38dc24],
Refog.Keylogger, C:\Windows\SysWOW64\MPK\Help, , [fe73dc061f6b84b2e09c329bca38dc24],
Refog.Keylogger, C:\Windows\SysWOW64\MPK\Help\German, , [fe73dc061f6b84b2e09c329bca38dc24],
Refog.Keylogger, C:\Windows\SysWOW64\MPK\Images, , [fe73dc061f6b84b2e09c329bca38dc24],

Dateien: 41
Backdoor.Bot, C:\ProgramData\Nimoru\GizmoSE, , [d29fe4fe701a4bebf24e165c6b9760a0],
Backdoor.Bot, C:\ProgramData\Nimoru\LicenseSE, , [6b06c51dc4c637ffe1607cf6689a17e9],
Trojan.BitcoinMiner, C:\Users\0\Downloads\CHC-cpuminer.zip, , [0d6405dd9af04fe7508127f4738eb54b],
Misused.Legit.AI, C:\Users\0\FJQIH\Autoit3132605.exe, , [bbb603dfe6a42b0bdecae33415ec53ad],
Misused.Legit.AI, C:\Users\0\FPLXT\AutoIt3-477747.exe, , [93de875b2e5ce55100a8ee29c041f60a],
Misused.Legit.AI, C:\Users\0\GBHHS\423830.exe, , [2a47736f5e2c73c3f2b633e4778ad729],
Misused.Legit.AI, C:\Users\0\IXXER\Autoit3361205.exe, , [f081677b5436ad891c8c6fa82ed302fe],
Misused.Legit.AI, C:\Users\0\PJFOQ\AutoIt3-317477.exe, , [18594999d1b994a24365090e68994cb4],
Misused.Legit.AI, C:\Users\0\PJYSH\AutoIt3-476488.exe, , [5c1531b14e3c8caa4a5ef225eb163ac6],
Misused.Legit.AI, C:\Users\0\PLNYL\AutoIt3-674095.exe, , [3b369a48fd8da78f08a06cab48b9cd33],
Misused.Legit.AI, C:\Users\0\QFBWN\AutoIt3-980556.exe, , [b6bbf6ec0387c0768d1b01165aa72ed2],
Misused.Legit.AI, C:\Users\0\RQABW\AutoIt3-305714.exe, , [ea8701e19ceecb6b9216bf58ac55659b],
Misused.Legit.AI, C:\Users\0\RWTPS\Autoit3799481.exe, , [4e23746e4b3f68ce93150d0afb065ba5],
Misused.Legit.AI, C:\Users\0\SARQB\Autoit3632787.exe, , [cca53ea497f3d2648721cd4aa75a45bb],
Misused.Legit.AI, C:\Users\0\SYMIW\Autoit3346420.exe, , [0a674f93b9d11f1744643ed9a65bd32d],
Misused.Legit.AI, C:\Users\0\SZCXS\70252.exe, , [462b3ea4c1c9ae881197d641ba47e917],
Misused.Legit.AI, C:\Users\0\UNQRL\Autoit3823165.exe, , [a5ccb9291d6d62d47b2dc3548d741ee2],
Misused.Legit.AI, C:\Users\0\UVZMS\Autoit3356564.exe, , [4d24875b2367a3931593be5940c1f10f],
Misused.Legit.AI, C:\Users\0\VFAIT\AutoIt3-233913.exe, , [343d9b4773170e288d1b59be48b9ba46],
Misused.Legit.AI, C:\Users\0\VNZZZ\Autoit3.214789.exe, , [71003aa88efcd561f9af1afd49b89e62],
Misused.Legit.AI, C:\Users\0\WEELT\Autoit3931513.exe, , [fc75657d7614dd594f5914034db4916f],
Misused.Legit.AI, C:\Users\0\WUZEP\AutoIt3-727504.exe, , [056c6c76404a0b2b099f63b4ce3320e0],
Misused.Legit.AI, C:\Users\0\YAHBI\Autoit3.432573.exe, , [7ff2ebf7e8a24de9505844d310f12dd3],
Misused.Legit.AI, C:\Users\0\YATOB\AutoIt3-72795.exe, , [d0a17270503ade58a404a275ef128080],
Misused.Legit.AI, C:\Users\0\ZKONP\AutoIt3-297516.exe, , [b1c0c61ca2e8dd591c8c5dba31d027d9],
Misused.Legit.AI, C:\Users\0\ZOQJQ\Autoit3862269.exe, , [76fb4b972d5d54e2565225f2c93858a8],
Misused.Legit.AI, C:\Users\0\NVWPL\Autoit333863.exe, , [beb35989ff8b63d300a8eb2c2cd56f91],
Misused.Legit.AI, C:\Users\0\NYMDT\Autoit3120957.exe, , [8ee3c41ea4e641f5e8c0ff185aa7ee12],
Misused.Legit.AI, C:\Users\0\OTCOG\AutoIt3-466746.exe, , [d0a180628703082e466250c789789967],
Misused.Legit.AI, C:\Users\0\JDHDW\Autoit3441978.exe, , [d29f4999ccbe1d190a9ec354e31e7c84],
Misused.Legit.AI, C:\Users\0\JSUGS\AutoIt3-306080.exe, , [343d1ac8e8a2f442990f0116c14047b9],
Misused.Legit.AI, C:\Users\0\KDYGY\AutoIt3-927653.exe, , [650cc61c4b3f3cfa4068c84fbd447c84],
Misused.Legit.AI, C:\Users\0\KMWRG\AutoIt3-993025.exe, , [620fc41e8505d165adfb1601ce3342be],
Misused.Legit.AI, C:\Users\0\KNLWO\AutoIt3-895236.exe, , [cca5d01289013204e2c693844fb28c74],
Misused.Legit.AI, C:\Users\0\KSVTO\AutoIt3-166262.exe, , [1e53f8ea9af0a195d8d0dd3ad22fd22e],
Misused.Legit.AI, C:\Users\0\LXVTT\AutoIt3-444060.exe, , [91e0b929cac066d0693f080fde23639d],
Misused.Legit.AI, C:\Users\0\BPVJQ\AutoIt3-60029.exe, , [f77a687af89238fea0082cebde233ac6],
Misused.Legit.AI, C:\Users\0\DCJRG\AutoIt3-791889.exe, , [066be7fb9feb61d523850b0cd42d4fb1],
Misused.Legit.AI, C:\Users\0\DINIH\Autoit3750382.exe, , [e190647e3e4c082eadfb72a5fd047789],
Backdoor.Agent.MSC, C:\Windows\SysWOW64\Windows Services\win32.exe, , [1e532fb3e2a879bd8d1105416f947f81],
Stolen.Data, C:\Users\0\AppData\Roaming\dclogs\2013-12-19-5.dc, , [f978ba284d3d5fd79a3c47d431d3d22e],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)