Author

Topic: User PC0316 Spreading Virus Software? (Read 1398 times)

hero member
Activity: 546
Merit: 500
April 27, 2016, 11:00:36 PM
#21
the program takes control over the browser Internet Explorer to verify that the captchas have been completed correctly and sometimes to clear history and cache of the browser. does it have something to do with the detection of virus?

If that is true and it uses hooks in windows then that would most likely flag it as a virus even though potentially it could be non-malicious.
It is most likely a false alarm. The behavior of the program is much like from other malwares. Programs with attaching/hooking, overriding or taking control of a browser or application behaviors will most likely detected even if it is technically safe.
But we can't be sure until we decompile the program. There are true malwares today that can't be dected like what I've just encountered last month, it changes the wallet address in clipboard.
Just to be safe, run it on a virtual environment or install a Deep Freeze.
hero member
Activity: 2464
Merit: 594
April 27, 2016, 09:30:06 PM
#20
I think it's just a false alarm, after several days of working still my laptop works fine. I think the browser is wrong because last night I downloaded other application and it showed failed and virus detected later on when I tried to download it again then it was successful.
member
Activity: 76
Merit: 10
March 23, 2016, 04:12:56 AM
#19
the program takes control over the browser Internet Explorer to verify that the captchas have been completed correctly and sometimes to clear history and cache of the browser. does it have something to do with the detection of virus?

If that is true and it uses hooks in windows then that would most likely flag it as a virus even though potentially it could be non-malicious.
full member
Activity: 222
Merit: 100
March 22, 2016, 04:54:25 AM
#18
the program takes control over the browser Internet Explorer to verify that the captchas have been completed correctly and sometimes to clear history and cache of the browser. does it have something to do with the detection of virus?

i've had the same question; never brought it up to PC thought!
i'm using a spare laptop, running security essentials and spybot, and no personal info so i dont care much!
(no other windows machines on my network either to worry about.)
after every session i'd leave the laptop on and scan with both softwares so far nothing other than regular payments Huh
hero member
Activity: 560
Merit: 500
March 21, 2016, 03:23:53 PM
#17
The first three times i tryed it were giving me error,saying there were files missing,then later i had installed it without any virus hidden now i think and almost sure i got the virus ,i dont use explorer at all soo what kind of hiden virus it is anyone knows?
sr. member
Activity: 249
Merit: 250
March 20, 2016, 12:20:54 PM
#16
the program takes control over the browser Internet Explorer to verify that the captchas have been completed correctly and sometimes to clear history and cache of the browser. does it have something to do with the detection of virus?

Which program you are talking about?
I also opened a program today from  services section and my browser automatically stops and all data cache are cleared up??
Which program you are talking about?

PeerChecker.exe

I think that it is only a false positive by what I mentioned them before.
sr. member
Activity: 289
Merit: 250
March 20, 2016, 12:11:38 PM
#15
the program takes control over the browser Internet Explorer to verify that the captchas have been completed correctly and sometimes to clear history and cache of the browser. does it have something to do with the detection of virus?

Which program you are talking about?
I also opened a program today from  services section and my browser automatically stops and all data cache are cleared up??
Which program you are talking about?
sr. member
Activity: 249
Merit: 250
March 20, 2016, 09:38:20 AM
#14
the program takes control over the browser Internet Explorer to verify that the captchas have been completed correctly and sometimes to clear history and cache of the browser. does it have something to do with the detection of virus?
hero member
Activity: 560
Merit: 500
March 20, 2016, 09:31:03 AM
#13
Started this up on a brand new vm, same result. Stay away from it.
My Windows Defender also found that file and placed and quarantine.
Then I did a scan and it isn't finished yet, hope that it is clean.

The last times i tryed to dowload the avira runned on it and the program werent working,saying missing some files,i didnt hade any kind of virus message but in the end i dont like to use sofwtare that is unknow for the most,i will scan it again and if the program stills i will use it.
legendary
Activity: 1232
Merit: 1017
March 20, 2016, 03:45:19 AM
#12
Started this up on a brand new vm, same result. Stay away from it.
My Windows Defender also found that file and placed and quarantine.
Then I did a scan and it isn't finished yet, hope that it is clean.
sr. member
Activity: 273
Merit: 260
Pool Owner
March 19, 2016, 04:19:51 PM
#11
Started this up on a brand new vm, same result. Stay away from it.
legendary
Activity: 1232
Merit: 1017
March 19, 2016, 01:08:06 PM
#10
You really should strip out the link if you think it is hosting a virus or malware, a few innocent people might click through without thinking. Nobody should download from links they don't know, even to do a virus scan on it.
I did a virus scan at first and then it was fine, but a week later I get many virus alerts. I looked in my regedit and looked up the possible infected things, which i found online but it did not find anything, so I hope I am safe.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
March 19, 2016, 01:07:14 PM
#9
A virgin VM with up-to-date Windows Defender also found something:

Loading...
Edited 2020-11-28 to fix a broken image

Nasty enough for me, I'm not gonna dig deeper.
legendary
Activity: 2688
Merit: 1192
March 19, 2016, 01:03:50 PM
#8
You really should strip out the link if you think it is hosting a virus or malware, a few innocent people might click through without thinking. Nobody should download from links they don't know, even to do a virus scan on it.
legendary
Activity: 1232
Merit: 1017
March 19, 2016, 12:56:42 PM
#7
google drive scans files for virus when they're uploaded...
But when I try to download it blocks the software automatically by my browser.
So I don't know if it's a browser is giving false information.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
March 19, 2016, 12:56:38 PM
#6
Looks like it's got HEUR/QVM03.0.Malware.Gen, whatever that means.

At some point PC0316 seems to have posted the link in the thread (quoted by another user below) but now the post is gone.

I have uploaded it to Google Drive.

https://drive.google.com/open?id=0B9aH_qGeXCLtZ3BzaUc1Q0tHbVk

Email me or private message me if you are interested.

My email is in the Instruction manual which is also on Google Drive, here:

https://drive.google.com/open?id=0B9aH_qGeXCLtYkEwT2FjLWpOaTg
ok, i interested and I have already sent a private message to you, if the work is good and has a decent income, I will forward it, and how you think about a daily income of solving captchas it?
copper member
Activity: 924
Merit: 1007
hee-ho.
March 19, 2016, 12:53:17 PM
#5
google drive scans files for virus when they're uploaded...

EDIT:
scanned with avast premier and the result is clean.


Looks like it's got HEUR/QVM03.0.Malware.Gen, whatever that means.

yup.
https://www.virustotal.com/en/file/7c14952c3eab3f46262da33b53633b0fa3cd248e14eb01cdb4005995fec8562d/analysis/1458410565/

oh wait. whywefight posted this. silly me.
legendary
Activity: 1078
Merit: 1042
www.explorerz.top
March 19, 2016, 12:49:15 PM
#4
I guess this is no help as its in german. Run Malwarebytes and see what it says
legendary
Activity: 1232
Merit: 1017
March 19, 2016, 12:47:36 PM
#3
Okay, how am I going to see if I have that virus on my pc?
I ran this software a week ago, but removed it. Now I wanted to re install it and it gives many virus alerts.

Can u tell me how I can see if I am infected?
legendary
Activity: 1078
Merit: 1042
www.explorerz.top
March 19, 2016, 12:45:32 PM
#2
according to virustotal, yes: https://www.virustotal.com/de/file/7c14952c3eab3f46262da33b53633b0fa3cd248e14eb01cdb4005995fec8562d/analysis/

My local Kaspersky didnt find anything, hm...
legendary
Activity: 1232
Merit: 1017
March 19, 2016, 12:42:35 PM
#1
Story: I asked to join a captcha typing thing, and I said yes. This user: https://bitcointalksearch.org/user/pc0316-794409 sends me a PM with malicious software...

I received this pm:
!!! WARNING: This user is a newbie. If you are expecting a message from a more veteran member, then this is an imposter !!!

Hello there,

What country are you located in?

Here is a google document about the work.

https://drive.google.com/open?id=0B9aH_qGeXCLtYkEwT2FjLWpOaTg

The download link for the app is here:

https://drive.google.com/open?id=0B9aH_qGeXCLtZ3BzaUc1Q0tHbVk

Our email is [email protected]

We have created login details for you (which you use after you download and start the app).

Login: **********

Password: *********

We need a Bitcoin address from you too please so you can get paid.

Thanks,

PC.
Then I download the software:
Jump to: