Pages:
Author

Topic: delevic was banned by mistake (Read 680 times)

legendary
Activity: 3136
Merit: 3213
April 15, 2020, 04:08:55 PM
#26
Dont worry about my Research, i doing that the most time!
Your link was more as Suspicious and that it was not downloadable from the original Website and run your Script with a root command!

Also there is no need to advert now your Program and Software here.
You can post that in the ETH thread or in the mining Board.
Have a great day!
jr. member
Activity: 30
Merit: 4
April 15, 2020, 02:29:04 PM
#25
@JaredKaragen

Thank you for your support.

@Lafu

Lets my and Jared case be good example that you don't ask for ban immediately. Just do a little more research before that.
Fortunately, everything ended well Smiley

By the way, an increase of ETH  Dag file and recent problems with Phoniex miner and 4gb GPUs ,  users will need to migrate to Linux around 1.7.2020 if they want to continue mining ETH. So, my Watchdog program will be welcome to them if they use usb wathchdogs.




legendary
Activity: 1848
Merit: 1166
My AR-15 ID's itself as a toaster. Want breakfast?
April 14, 2020, 07:33:33 PM
#24
Finally. Thanks  theymos.

Awesome.   Glad to see a good result come of this.    It's always a tough position.

I was in your place simply for compiling source with housekeeping mods (version number, remove extra useless strings ("fluff"))... but all the detections from my app were directly linked to "cryptocurrency mining app"/"potentially unwanted"
legendary
Activity: 3136
Merit: 3213
April 14, 2020, 07:05:09 PM
#23
Thanks theymos for looking into that case and that it is solved now!

@delevic
Sry for all the trouble and also thanks for understanding.
Glad that this case is solved and that you are unbanned.
Maybe look in the future for Posting links like that one you have done, maybe its possible to just Post the Website link so users can get there.
Also I will remove my negative Feedback!
Sry for my misstake on that case.
jr. member
Activity: 30
Merit: 4
April 14, 2020, 05:16:54 PM
#22
Finally. Thanks  theymos.
administrator
Activity: 5222
Merit: 13032
April 14, 2020, 04:49:55 PM
#21
His file (hosted on Mega) is the same as the one on AliExpress (https://yadi.sk/d/4RDeoiyv3UoaWj).

SHA-256: 91799acfd28857cbf3a03389adbf46c9edb74c5f527cd1f89b1b1f4cb80976aa

Also, the first verification of the file on VirusTotal was made in 2018 (check the "details" tab).
"First Submission:   2018-05-06 06:33:35"

Thanks, so that looks fine at least as far as delevic is concerned. (You can't rule out malware in the official software, of course.)

I don't have any particular confidence that the Linux file on github is safe, and I don't recommend using any of this stuff, but there's not enough evidence of malware at this point for delevic to remain banned.
newbie
Activity: 9
Merit: 0
April 14, 2020, 02:55:32 PM
#20
virustotal is trash. It can't be used as "proof" of malware, only a very vague hint. It is mighty suspicious when someone posts a binary without source which you're supposed to run as root, though.


I can't download the firmware from there. Someone should check whether the official firmware indeed gives the same virustotal detections.

May I get unbanned now ? Smiley
legendary
Activity: 2758
Merit: 6830
April 13, 2020, 06:24:31 PM
#19
His file (hosted on Mega) is the same as the one on AliExpress (https://yadi.sk/d/4RDeoiyv3UoaWj).

SHA-256: 91799acfd28857cbf3a03389adbf46c9edb74c5f527cd1f89b1b1f4cb80976aa

Also, the first verification of the file on VirusTotal was made in 2018 (check the "details" tab).
"First Submission:   2018-05-06 06:33:35"
sr. member
Activity: 1414
Merit: 254
April 13, 2020, 06:01:23 PM
#18
virustotal is trash. It can't be used as "proof" of malware, only a very vague hint.
I thought it can be 80% trusted, but now I know. Because things related to software I usually check there, is it safe or not.
newbie
Activity: 9
Merit: 0
April 13, 2020, 03:02:56 PM
#17
Quote
Thats not the link you posted !

Yes, It was easier to upload  the file on Mega rather than to look for a live link on Aliexpress like I did it tonight. 

I was looking for live link on Ali just to prove that program is the same and that it also has 21 detections Smiley

Quote
Hope understand that , and if i am wrong on my report im sry !


Yes I understand. Its ok.


legendary
Activity: 3136
Merit: 3213
April 13, 2020, 02:40:12 PM
#16
https://www.aliexpress.com/item/32828833847.html  

there is a link:

User's Manual
1.   Download the software and the drivers, product after January 2018 do not need drivers.
    https://yadi.sk/d/4RDeoiyv3UoaWj

It's working just tested it.

Thats not the link you posted !

And your link now here has 3 more detections as the old one !

Just in case i reported your post and link you have done , because it wasnt clickable on aliexpress and its still not clickable !
Why you dont just posted the website link ?

For sure Virustotal maybe is trash but its also show some stuff and that there is something wrong !

I can't download the firmware from there. Someone should check whether the official firmware indeed gives the same virustotal detections.

The new link has 3 more detections as the other he has posted , and 2 days ago it wasnt possible to download it , dont know but something is strange !
https://www.virustotal.com/gui/file/91799acfd28857cbf3a03389adbf46c9edb74c5f527cd1f89b1b1f4cb80976aa/detection

If theymos trust you and you get unbanned i have no problem with that !
I just reported your post because it looks very Suspicious !
And we got a lot of Suspicious links in the past here , just look at this thread https://bitcointalksearch.org/topic/report-malware-and-suspicious-links-here-so-mods-can-take-action-5182222 !
Hope understand that , and if i am wrong on my report im sry !
newbie
Activity: 9
Merit: 0
April 13, 2020, 02:27:45 PM
#15
virustotal is trash. It can't be used as "proof" of malware, only a very vague hint.

I absolutely agree.

Quote
It is mighty suspicious when someone posts a binary without source which you're supposed to run as root, though.

I was not very active on this forum, but someone who uses the same name in all forums is certainly not very suspicious. Smiley

https://forum.xda-developers.com/poco-f1/how-to/xposed-installation-guide-t3928155

https://hwbot.org/user/delevic/

https://forum.benchmark.rs/member.php?45621-delevic
...
newbie
Activity: 9
Merit: 0
April 13, 2020, 02:15:43 PM
#14
https://www.aliexpress.com/item/32828833847.html   

there is a link:

User's Manual
1.   Download the software and the drivers, product after January 2018 do not need drivers.
    https://yadi.sk/d/4RDeoiyv3UoaWj

It's working just tested it.

administrator
Activity: 5222
Merit: 13032
April 13, 2020, 01:56:20 PM
#13
virustotal is trash. It can't be used as "proof" of malware, only a very vague hint. It is mighty suspicious when someone posts a binary without source which you're supposed to run as root, though.


I can't download the firmware from there. Someone should check whether the official firmware indeed gives the same virustotal detections.
newbie
Activity: 9
Merit: 0
April 13, 2020, 02:13:32 AM
#12
You can see on this video how this program looks on my PC and how it passed Norton security check.

https://www.flickr.com/photos/141637543@N07/49766000333/in/dateposted-public/

legendary
Activity: 2758
Merit: 6830
April 12, 2020, 02:38:22 PM
#10
Why don’t you open source your application, let people build themselves and potentially compare the hashes with the ones you posted?
newbie
Activity: 9
Merit: 0
April 12, 2020, 02:15:05 PM
#9
Quote
And the Miner Software files on Virustotal have not a single one of what your link has in it !

No they just have W64/Trojan.SQQA-1034, Malware (ai Score=70), Trojan.Miner.Win64.2032 .... Yes ,  detected threats are not exactly the same but they are  form the same family Smiley


legendary
Activity: 1848
Merit: 1166
My AR-15 ID's itself as a toaster. Want breakfast?
April 12, 2020, 03:24:39 AM
#8
If there is no difference, will you banned Claymore and Phoenix ?
Please post a link to where those are posted.

Phoenix: https://bitcointalksearch.org/topic/phoenixminer-62c-fastest-ethereumethash-miner-with-lowest-devfee-winlinux-2647654 (same SHA-256 hash results)
Claymore: https://bitcointalksearch.org/topic/claymores-dual-ethereum-amdnvidia-gpu-miner-v150-windowslinux-1433925

The false positives are mostly because it's a mining app though. Most anvir consider miner app as virus.

for instance;  I was compiling and uploading XMR-stak with no devfee.

It would be flagged by antivirus software;  because it was a mining app; and there numerous malwares that would be using mining apps.... so they were flagged as potentially unwanted.  But those detections are specifically for mining apps;  not what the OP's are being detected for AFAICT.   I had quite a chat with someone about this on BCT before... being accused of malware, when in fact, he was mistaken.

Apparently as well;  someone must have used my free devfee compilation in a part of a malware package (go figure).

legendary
Activity: 2170
Merit: 1789
April 12, 2020, 02:22:00 AM
#7
If there is no difference, will you banned Claymore and Phoenix ?
Please post a link to where those are posted.

Phoenix: https://bitcointalksearch.org/topic/phoenixminer-62c-fastest-ethereumethash-miner-with-lowest-devfee-winlinux-2647654 (same SHA-256 hash results)
Claymore: https://bitcointalksearch.org/topic/claymores-dual-ethereum-amdnvidia-gpu-miner-v150-windowslinux-1433925

The false positives are mostly because it's a mining app though. Most anvir consider miner app as virus.
Pages:
Jump to: