• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
platitude

Cryptocurrency Mining software

Recommended Posts

Hello platitude!

I can see that your Claymore's miner was detected as "Application.BitCoinMiner.SI" . It is normal situation for miners.  You see a full report on Virustotal most of well known antiviruses detect (37/65) this file. 

Also you have two infected objects in your "Downloads" folder:

"E:\Downloads\Image-Line.FL.Studio.Producer.Edition v12.5.0.59.Incl.Patch.and.Keygen-R2R.zip" - Gen:Variant.Symmi.64984

"E:\Downloads\A319_ROW_DS_S319_161222.zip" -  Android Riskware (Android.Monitor.Reaper.A,  Android.Riskware.SmsPay.EA, Android.Riskware.SMSSend.gEWPZ)

 

 

 

Share this post


Link to post
Share on other sites
On 19.09.2017 at 2:09 PM, LSArtem said:

I can see that your Claymore's miner was detected as "Application.BitCoinMiner.SI" . It is normal situation for miners.  You see a full report on Virustotal most of well known antiviruses detect (37/65) this file. 

Also you have two infected objects in your "Downloads" folder:

"E:\Downloads\Image-Line.FL.Studio.Producer.Edition v12.5.0.59.Incl.Patch.and.Keygen-R2R.zip" - Gen:Variant.Symmi.64984

"E:\Downloads\A319_ROW_DS_S319_161222.zip" -  Android Riskware (Android.Monitor.Reaper.A,  Android.Riskware.SmsPay.EA, Android.Riskware.SMSSend.gEWPZ)

The problem is that antvirus removes miner executable file and i need to copy it every time again and again.

Gen:Variant.Symmi.64984 found in a keygen executable i guess, so it's not dangerous

Share this post


Link to post
Share on other sites
17 hours ago, platitude said:

The problem is that antvirus removes miner executable file and i need to copy it every time again and again.

Gen:Variant.Symmi.64984 found in a keygen executable i guess, so it's not dangerous

Hello!  Please write what version of AdAware do you use.  We checked on the latest and a file in Exclusion list was not detected anymore.  Also please clarify on what stage your files were detected - after file download or when you start it?

Share this post


Link to post
Share on other sites
9 hours ago, LSArtem said:

Hello!  Please write what version of AdAware do you use.  We checked on the latest and a file in Exclusion list was not detected anymore.  Also please clarify on what stage your files were detected - after file download or when you start it?

Right now i'm using Adaware Antivirus Free version 12.1.856.11526. Previously I added to exclusion list whole disk and miner folder where miner executable is located. But AV removed my file even when Real-time protection is disabled. Virus was detected when process is running and some software crash is happening(because of opencl thread freezing), i think your AV detects this as a strange behaviour and removes the file. Now i've added full path including file name to exclusion list, we'll see.

Share this post


Link to post
Share on other sites

Hi platitude,

Please note that adaware antivirus version 12.2 was released at September 13.

Share this post


Link to post
Share on other sites

Have you restarted the computer?
Maybe adaware antivirus has downloaded the new version but needs a restart to start using it, only a guess.

Share this post


Link to post
Share on other sites

I can suggest you to turn off Antivirus control + Real Time protection options, then add you file to Exclusion list and turn ON again all your protection.

 

 

aaw.png

Share this post


Link to post
Share on other sites
On 9/24/2017 at 10:55 AM, platitude said:

AV continue to remove the miner during daily scan

We will try to reproduce your situation with detection of this file and we'll let you know the results.

Share this post


Link to post
Share on other sites

File was added to Exclusion list and we have no detected objects anymore.  Do you still have this problem?   

Share this post


Link to post
Share on other sites

 

7 hours ago, platitude said:

Daily scan still removes miner and it also removes miner when it has a freezed gpu thread. Daily scan report attached

adaware_Report_Quick_Automatic_29.09.2017 120042.xml

Hello! Please try this:

1. Reboot your PC.

2. Turn Off  Real Time Protection

3. Download archive with miner.

4. Unpack miner from archive

5. Add a folder path with your unpacked miner to Exclusion list

6. Stop / Start Antivirus

7. Turn On  Real Time Protection

8. Run Scan of a folder that was added to Exclusion list

 

Share this post


Link to post
Share on other sites
11 hours ago, LSArtem said:

 

Hello! Please try this:

1. Reboot your PC.

2. Turn Off  Real Time Protection

3. Download archive with miner.

4. Unpack miner from archive

5. Add a folder path with your unpacked miner to Exclusion list

6. Stop / Start Antivirus

7. Turn On  Real Time Protection

8. Run Scan of a folder that was added to Exclusion list

 

Folder scan(right click in explorer -> Scan with Adaware Antivirus) completed and miner is not detected

Share this post


Link to post
Share on other sites
On 9/30/2017 at 10:15 AM, platitude said:

Daily scan still find a miner as a virus and removes it

Hello! Please turn on AAW logging in such way:

 logging.png

 

After that run again daily scan and wait for file detection.  

Change view folder options in windows explorer to show hidden files.  Find Adaware log folder. It can be by one of these paths:

%All Users%\adaware\adaware antivirus\

%Program Data%\adaware\logs

Pack this folder and attach archive to a post please.

 

 

 

 

Share this post


Link to post
Share on other sites
6 hours ago, platitude said:

Did a Quick scan, included only toady logs in archive

Logs.zip

Thanks for logs! Development team will check the logs and will try to fix all issues.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now