Topic: Warning - GUIMiner virus hit with Bitdefender (Read 8471 times)

newbie
Activity: 46
Merit: 0
November 15, 2012, 10:56:27 PM
#10
Avast keeps on deleting a file (trojan) which makes the miner non responsive to start. I have been mining solidly for two months without hassle. Now this (16 Nov 2012)?  Angry

Had to disable all shields for 10 minutes and reinstall guiminer. Then activated the shield again.

Update: Forgot to mention. Avast wanted to do a boot time scan after detecting the "trojan"
newbie
Activity: 4
Merit: 0
Yeah,

I've seen that too for NIS on the computer of a friend of mine. He also said this: Trojan.Generic.KD.273364 in GUIminer/miners/ufasoft/bitcoin-miner.exe
I think it would be best to work without the ufasoft miner as long as there is no clearance about it.

@KIV maybe you can temporarily leave the ufasoft miner out of your guiminer package until the problem with the warnings is solved...

Best Regards.

Boris

http://www.bitcoin-server.de
full member
Activity: 195
Merit: 100
@Kiv, just as information: Now it is Norton Internet Security, which also reports your 2011-07-11 version of GUIMiner, downloaded from Github.


Kiv
full member
Activity: 162
Merit: 100
I would recommend that people only download GUIMiner from my forum thread or the official GitHub page. I guarantee there is nothing bad in there; I write this software only because I want to see Bitcoin succeed. There were indeed a couple of reports of false positives about it, but it's nothing to worry about.

If you get the executable from somewhere else on the Internet (even if it says GUIMiner) I can't guarantee someone hasn't tampered with it. It would be trivial for someone to download a clean copy and attach their own trojan to it.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Quote: some AVs are weird.. why do they categorize miners as "hackertools" or "riskyware"?

Risk tool generally means legitimately published software that isn't malicious but that the average computer user probably doesn't want, and that might be there for a malicious purpose if the user doesn't know about it.  Legitimate FTP servers, proxy servers, remote access software, and such fall in this category too, same with those "spy on your spouse" keylogging/screenshot grabbing sort of programs as well.  Given that definition, a bitcoin miner would definitely fit.

Other names for the same thing include PUP (potentially unwanted program).
member
Activity: 85
Merit: 10
some AVs are weird.. why do they categorize miners as "hackertools" or "riskyware"?
member
Activity: 66
Merit: 10
I use GUIMiner and my version of that file is 727Kb, in case that helps in determining if your version might be compromised. I'd definitely upload it to a virus scanner as suggested above, just to be sure.
full member
Activity: 126
Merit: 100
If the exe file is less than 20MB I would upload it here to test it against multiple virus scanners just to be sure
http://www.virustotal.com/

EDIT:
I downloaded the latest Windows binary and uploaded it.
Code:
Filename : bitcoin-miner.exe
File size: 743936 bytes
CRC-32   : 4efcecce
MD4      : 1d0a80565e94243cdac6e056e0cecf10
MD5      : 54e328364335553807a670eb3dd137b1
SHA1     : bba0fa29f13c0cc4f20a165181cfae8668c32674
SHA256   : 9bae29593488e652f08e05882c0accd8159fd77fce3209119856287fda27abb6

And only 3 out of 41 Antivirus programs pick it up, but it is flagged as goodware - Safety score: 100.0%
http://www.virustotal.com/file-scan/report.html?id=9bae29593488e652f08e05882c0accd8159fd77fce3209119856287fda27abb6-1309525830
Code:
AntiVir     7.11.10.191  2011.07.01   SPR/Tool.BitCoinMiner.a
Fortinet    4.2.257.0    2011.07.01   HackerTool/BitCoinMiner
Kaspersky   9.0.0.837    2011.07.01   not-a-virus:RiskTool.Win32.BitCoinMiner.a

So false positive, I'd be inclined to agree with casascius's assessment.

VirusTotal might not have updated Bitdefender yet, as it doesn't flag it:  "BitDefender   7.2   2011.07.01   -"
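
The comparison discussed in the posts above (file size, then the digests in the "Code:" listing) can be scripted. This is an added example, not code from the thread or from GUIMiner; the function names are the example's own, and it assumes the listing was copied from a source you trust.

```python
import hashlib
import zlib

# Added example; function names are this example's own.
# Fields of the "Code:" listing format posted above, mapped to short keys.
# MD4 is skipped: hashlib only offers it when the local OpenSSL build does.
FIELDS = {"File size": "size", "CRC-32": "crc32", "MD5": "md5",
          "SHA1": "sha1", "SHA256": "sha256"}


def parse_listing(text):
    """Turn 'Name : value' lines into {key: expected value}."""
    expected = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        key, parts = FIELDS.get(name.strip()), value.split()
        if sep and key and parts:
            # "743936 bytes" -> "743936"; hex digests are lower-cased
            expected[key] = parts[0].lower()
    return expected


def measure(path, chunk=1 << 16):
    """Read the file once, in chunks, and compute every supported value."""
    digests = {n: hashlib.new(n) for n in ("md5", "sha1", "sha256")}
    size, crc = 0, 0
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            size += len(block)
            crc = zlib.crc32(block, crc)
            for d in digests.values():
                d.update(block)
    actual = {n: d.hexdigest() for n, d in digests.items()}
    actual.update(size=str(size), crc32=f"{crc:08x}")
    return actual


def verify(path, listing_text):
    """Return {key: True/False} for each supported field in the listing."""
    actual = measure(path)
    return {k: actual[k] == v for k, v in parse_listing(listing_text).items()}


def is_trusted(result):
    # A modified file can keep its size, and CRC-32 is not collision
    # resistant, so only a SHA-256 match shows the bytes are unchanged.
    return result.get("sha256") is True
```

Call `verify(path_to_exe, listing_text)` with the listing pasted as a string; a file whose size matches but whose SHA-256 does not is a different file.
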
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
This is probably a consequence of botnet operators putting Bitcoin mining software on compromised computers to steal themselves a little bit of mining time.

When the owners of the hijacked computers find the compromise, they often submit the unwanted files to AV companies as samples, who add signatures to their AV software to detect the unwanted files.  This has the unfortunate side effect of having Bitcoin miners being flagged as malware.

The bitcoin miner isn't malware if you are intentionally mining.  Only if you have no idea what Bitcoin is, or what mining is, would you consider a miner to be unwanted software.
sr. member
Activity: 672
Merit: 252
Until the end
I have had GUIMiner installed for a few weeks now and have had no problems so far.  Just a few minutes ago Bitdefender warned me of the following -

 Trojan.Generic.KD.273364 in GUIminer/miners/ufasoft/bitcoin-miner.exe


 To my knowledge Bitdefender has scanned this system several times since I installed GUIMiner and hasn't given me any hits until today.  GUIMiner is presently up and running as normal and I never went in and ran bitcoin-miner.exe.

 I don't know if this was a false positive or something to be worried about, but I wanted to pass along just in case.  Does anyone else have problems with false positives or real trojans?

 Edit - just read on another post where it's a false positive. http://forum.bitcoin.org/index.php?topic=15765.0