[Solved] Malware in feathercoin-0.8.7.1-setup.exe?

A Former User

My AVG antivirus finds a trojan in feathercoin-0.8.7.1-setup.exe. Does somebody else have the same problem? Are you sure that the file is safe?

MrWyrm

I’d hope this is a false positive, usually because of the nature of crypto software and the use of mining malware as a revenue stream for malware developers. These things do get reported from time to time. Of the 61 virus engines you can scan with virustotal, only three list it as a Malicious site.

https://www.virustotal.com/en/url/44878f11136df95e1ca787050e4052b193575a77b8a0f569491dad3ecce82e5d/analysis/

I will submit the file to those three sites and hopefully they will confirm it’s a false positive and remove us from the listings.

The binary was compiled by Peter (Bushstar) and my Anti-virus bitdefender doesn’t flag the file as malicious.

MrWyrm

2014-12-02 Found nothing

2014-12-02 Riskware/BitCoinMiner

2014-12-01 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-01 Win32:Malware-gen

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-02 Trojan.BitCoinMiner

2014-12-02 TR/BitCoinMiner.21021696

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-01 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

2014-12-01 Found nothing

2014-12-02 Found nothing

2014-12-02 Found nothing

http://virusscan.jotti.org/en/scanresult/7e6ec893537ebd27a69e9385d736517e71f5e44b/4ae6a07dead05339e9fa99c7d78c88ff30d847d6

A Former User

Ok, thank you

MrWyrm

Reply from DrWeb:

DrWeb: Your submission has been analyzed. You assigned the “False alarm” category to your submission. At the moment, Dr.Web anti-virus does not detect a threat in the file you submitted.

The false alarm may have been fixed, or you assigned a wrong category to your submission.

I’ll submit the file to the others too.

HopeStillFlies

It’s a false positive. You’re not alone, Fedoracoin 1.0.exe got hit with it, too. Apparently someone got overzealous and submitted a shared bit of code across all these reporting sites. I ended up having to discuss with DigitalOcean about it in order to not have my hosting account suspended because they contacted them instead of me in order to take the site down.

Just, scummy.

xonar

Yes, I confirm it, like in same case also “minerd”… ^-^

It’s a false positive.

a solution ? Use Linux ;D ;D ;D

SpartanC001

There are rumours that antivirus companies list it as a threat as it makes them look good on their stats :P

Idk how much of that is true but i know first hand that norton internet security is very overprotective, it was ok with the ftc wallet but minerd.exe regularly got quarantined from idle scans despite being set to ignore it

kris_davison

I think the problem is that people are embedding hidden miners inside other software which are then malicious.

Chrome was advising me it was a malicious file too which is simply untrue.