Author

Topic: WARNING: BTCStats-QT.exe installs a keylogger/backdoor (Read 1192 times)

newbie
Activity: 36
Merit: 0
I feel like such an idiot. Anyway, the above program has been promoted in bitcoin chat rooms/channels and some websites. If you downloaded it assume you have a remote backdoor and keylogger on your system. Remove it with Anti-Malware program.


Where was the original file downloaded from? I'd like to analyze it.
full member
Activity: 170
Merit: 100
This page was the best help. None of the malware removal programs I tried could remove it. But doing it manually this way did:

http://www.enigmasoftware.com/msdcscexe-removal/
full member
Activity: 170
Merit: 100
Just one slip-up can be costly. I remember when I downloaded it, my gut-feel was 'this could be a virus', so I scanned the file with avast anti-virus and it came up clean. Malwarebytes Anti-malware found it and cleaned it, but when I rebooted, it appeared again as an msdcsc.exe process. Evil!

Currently doing a full system scan with four different anti-malware and anti-virus scanners, and have disconnected that machine from the network.

I hope this thread saves someone from losing their coins.
hero member
Activity: 714
Merit: 503
I feel like such an idiot. Anyway, the above program has been promoted in bitcoin chat rooms/channels and some websites. If you downloaded it assume you have a remote backdoor and keylogger on your system. Remove it with Anti-Malware program.

On windows 7 it creates many msdcsc.exe processes and is difficult to remove. They don't appear for a few days to stop arousing suspicion, and only appear after you have done a reboot.

A full virus scan, anti-malware scan is recommended. I haven't lost any bitcoin because my private keys are on an offline linux machine, but I'm going to change all my bitcoin related passwords and reinstall my system. PITA.

Did I mention I feel like an idiot? I'm usually very careful with these kinds of things.

I wouldn't feel like too much on an idiot, especially if you didn't lose anything.  I'm insanely careful myself with stuff like that, but it's almost impossible to keep guard up 24/7.

I try to do a Google search of pretty much anything I download, but even the other day I slipped up and ended up with a virus. It can happen to the best of us.  Thanks for the heads up though!
newbie
Activity: 5
Merit: 0
Yikes! Thanks for the warning! I'm glad I caught your post in time.  Cheesy Much appreciated!
full member
Activity: 170
Merit: 100
I feel like such an idiot. Anyway, the above program has been promoted in bitcoin chat rooms/channels and some websites. If you downloaded it assume you have a remote backdoor and keylogger on your system. Remove it with Anti-Malware program.

On windows 7 it creates many msdcsc.exe processes and is difficult to remove. They don't appear for a few days to stop arousing suspicion, and only appear after you have done a reboot.

A full virus scan, anti-malware scan is recommended. I haven't lost any bitcoin because my private keys are on an offline linux machine, but I'm going to change all my bitcoin related passwords and reinstall my system. PITA.

Did I mention I feel like an idiot? I'm usually very careful with these kinds of things.
Jump to: