Since the last two updates of Avast I have been getting an alert when I try to run my ZEC miner and it sends the main mining exe file to the virus chest. Everyone just says to add it to the exclusions category but I want to be sure.
I just want to know if anyone else uses this and how I submit it to Avast for analysis so I can make sure it’s a FP, if it is and how I will be notified about their results.
Thank you.
EDIT - I have submitted it both as a possible FP and as a possible malicious file to the threat reporting page. There is a lot of talk and controversy around these programs so I want to get some actual AV reports for myself. I actually was not able to DL the original from the author’s G-Drive as Google wouldn’t let it. However, I went to a GitHub for one of the pools that had it and it DL’d fine with no alerts and I scanned it with nothing coming up.
Avast just reports it as a PuP and that makes sense as it’s a mining program which have been running into YouTube ads and other web pages. My concern is if it is more than just about it being a miner that is triggering the detection alert; such as does it contain a trojan, worm, or otherwise malicious code that isn’t part of what a normal miner should have.
Hello,
PUP detection in the case of mining tools is triggered because they are misused by malware to mine on devices without user consent. So the mining tool does not need to contain malicious code, but can be part of a malware (malware contains the mining tool).
So here is what I find strange that I am told to ignore or let slide…
When I use the link from the ‘authors’ thread on Bitcointalk (https://bitcointalk.org/index.php?topic=1707546.0), Google won’t let me download the last two updates to the miner. I’m not even using Chrome and Google says it won’t let me download it!!! He has them on his Google Drive and Google Drive blocks the attempt saying it contains a virus. The previous versions before that I have no issue with at all downloading (see screenshots). Then I go to GitHub and download the same up to date version of the miner with no issues (unless I have PuP turned on) yet everyone says they are the same miner.
Does that sound right? I do have a right to find some concern in this, correct? Especially since Google won’t let me download one version but a previous, earlier version from the same Google Drive page has no issues.
Mind you, I don’t really think the author of the miner is injecting his warez with anything but someone could have duped the files with their own exploited version knowing most would simply just add it to the ‘exclusion’ list cause that’s what everyone else says to do. This goes in hand with my last reply on the other thread I am on… Knowledge should never be secondary.