Topic: QUEDOS is a Virus Trojan use malwarebytes for removal - page 2. (Read 4947 times)

Exactly, with eight hits on virus total the only course of action is moving along.

Plenty of other good crypto out there with out wasting time with positives.Just move on.

I saw this thread now and looking at the virustotal scan results it looks red with the 8 hits. Having said that, the scans pick up potentially unwanted programs that seems to be triggered by the standard Bitcoinminer false positive. Atemis is normally something that McAfee cannot recognise.

There is a possibility that the file is infected but the result at the moment is not conclusive. It is prudent though not to run it and wait a few days for the virustotal engines and engineers to work through it. Normally if there is something bad in the file that is new, positive identification manifests after about 2-3 days. Check it again in a week before a final conclusion is made, but do not run it in the meantime to be safe.

Come on people, how hard is it to setup Sandboxie with no access to important folders and read only access to the required ones?
I'm going to go ahead and say that anyone who doesn't run wallets in a sandbox or in a virtual machine or on a throwaway PC/OS is a complete moron at this point waiting to get hacked.
Additionally, virustotal is NEVER completely reliable; hiding malicious payload could be just as common as false positives so it's a completely pointless exercise to scan wallets.

Personally, I don't think the wallet is malicious but I have no proof but it seems others claiming the opposite doesn't seem to have proof either.

the 50% premine was the first red flag ...

The guy's that are putting virus are low life it would b nice to able to ban them for life as dev or what ever they represent I know how it feel to loose all your coins to bad wallet that have Trojans virus....Make me sick just thinking about it I'm glad that you caught this before some one loose there coins to these low life ........... good job guy's

+1,
totally agree!

I've been telling you guys for years. Set up 10 different Virtual Box systems. Then use them 1 per coin. Reuse them once you are done and decided that the coin is garbage.

It's great that these scammers get caught before they get their scam coin listed on an exchange and dump their premine to whoever is foolish enough to be manipulated into thinking it's a legitimate project because of a few fancy graphics.  It's also great that it's cost these scammers to purchase their scam coin and block explorer.  These are costs that these scammers will not recover.  It looks like these latest scams are a loss and in fact the scammers actually scammed themselves.  Lets all laugh at these scumbag scammers for being the ignorant fools that they are.

adiyrie
prasmatic
blacksmithcorporation

All one and the same pathetic loser.

Must be hard to troll to keep your shitty investment alive eh?

Nice catch Ocminer , keep having these babies cry over their dummy investment lol

I concur, it's a bought account:



But you're not doing crypto any favors by enabling these children scammers by providing them with wallets.  Please stop.

If you're concerned about the superficiality of whether or not BitcoinMiner false flags are thrown, you have your priorities in the wrong place.

The source code is out in the open, so again, I challenge you to find anything malicious in it.

But, judging by your post history you're just another shill for QUEDOS, so there's no reasoning with you.

Like here https://bitcointalksearch.org/topic/m.12963148
I love those n00bs telling me i'm wrong  

Wow that's quite a difference. thanks for pointing this out.

Nothing but generic BitcoinMiner flags (these are older than time itself) and some false positives. I challenge you to prove otherwise.

Given your post history, you're obviously involved with QUEDOS and you have an agenda here.

It's obvious that you're nothing more than a child.  







It's easy to identify and expose what people like you are doing.

prasmatic and adiyrie are the same.  

Shouldn't you stop wasting time with this failure and start working on graphics and thinking up the name of your next attempt at creating a scam?  If you hurry you can get an ANN posted in a couple hours.  I will enjoy helping to expose that one as well.  

Both coins (XAGON and QUEDOS) were created by my service over a month ago. They were ordered by different individuals, but seeing as they were released on the same day, and have similar whitepapers, it's not too difficult to see they're being pushed by the same person/group.

I checked, and it doesn't look like there were any modifications made to the client after I compiled, so they should be clean. Here's the VT links:

XAGON: https://www.virustotal.com/en/file/ce4d570f740d5b7ee8c371ce162aaf9a398150dbc328bc2ef3969a8698931bb0/analysis/

QUEDOS (9/28): https://www.virustotal.com/en/file/83abb7b3f28c363924beda4b0fc637f45df05ae20337040276f36ee40a26a756/analysis/1443540956/
QUEDOS (11/13): https://www.virustotal.com/en/file/83abb7b3f28c363924beda4b0fc637f45df05ae20337040276f36ee40a26a756/analysis/

As you can see sometime between 9/28 and today, McAfee's Artemis decides it doesn't like something, and Baidu hops on the "Bitcoin Miner" train as well. I've been dealing with false positives like these for a very long time. BitcoinMiner is the one that always persists, but every now and then some D-List antivirus will decide throw a very nasty sounding false positive.

Artemis is a heuristic detection tool by McAfee and isn't indicative of anything in particular. It just means something is "suspicious", but given McAfee's track record as the worst antivirus ever, I wouldn't put too much stock in it. It certainly doesn't "basically disable almost all functions of your machine", that's just pure FUD.

Trojan.StartPage.Win32.26934 is absolutely a false positive by a crappy AV vendor (who has ever heard of zillya before?) and is incredibly easy to verify since the payload of that particular trojan is that is changes your home page. Run the client in a VM and you'll see it does no such thing. Also refer to the often overlooked behavioral information of both clients, and you'll see nothing out of the ordinary: https://www.virustotal.com/en/file/83abb7b3f28c363924beda4b0fc637f45df05ae20337040276f36ee40a26a756/analysis/1443540956/

I reached out to Mr. "TenBagTony", pusher of both these coins, who is now on a FUD campaign against me. He posted this gem after ocminer exposed him with this thread. Amusingly enough, he claims that I exposed him, and he now wants to fight me. A true internet tough guy, if there ever was one.

tl;dr Both coins are free of malware - any detection is simple a false positive. So if you've ran them, don't panic and nuke your computer. That being said, I'd still stay away from both of these coins for every other reason mentioned above.

I'm not working hard at all.  It's very easy to expose people like you and your pathetic scams and attempts at theft.

Here is mine:

https://www.virustotal.com/en/file/83abb7b3f28c363924beda4b0fc637f45df05ae20337040276f36ee40a26a756/analysis/1447435355/

Thanks for explaining.

Here's my results from virustotal although I scanned the zip file. cant remember if thats correct procedure:

https://www.virustotal.com/nl/file/6589498a962e1186d78344aa5f4de652a4f8916ce851a14b96222b0da7ea4f12/analysis/1447434147/