
Eset VS Miner



Based on a comment on a Russian web site where the AV Block Remover utility can be downloaded from: https://www.comss.ru/page.php?id=8842, the coin miner just doesn't block an AV installer after download. But it will actually block installer download from AV vendor web sites:

Quote

- when I wanted to download anti-virus utilities, the browser was closed;
- if it was possible to download, then the launch of anti-virus utilities was blocked;
- closes the task manager, and if you run it again, the miner closes.
- even when I tried to look for a solution to my problem on the forums or on YouTube, the browser closed.

https://www-comss-ru.translate.goog/disqus/page.php?id=8842&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=sc

 

Edited by itman
Link to comment

Another example of malware distributed via cracked game installers a while back that trashed a bunch of AV solutions is Crackonosh: https://www.tomsguide.com/news/cracked-games-hacked-pcs

I have no sympathy whatsoever for people using cracked software who get infected as a result of such use.

Edited by itman
Link to comment

In general, over the past few years the popularity of this miner ("REALTEKD / TASKHOSTW") as a topic on technical forums in Russia, and apparently in Ukraine, can only be compared with the Stop Djvu encryptor (but there at least the file extension changes consistently, whereas here practically nothing changes).

Many antiviruses are taken out and blocked, not only ESET. In both cases, the infection occurs as a result of the use of hacked programs. The installer with this miner, as a rule, is several Gb, and there is no way to check it for viruses.

In addition to blocking the launch of installers and utilities and blocking the standard installation paths for anti-virus programs, access to the sites of technical forums and anti-virus companies is also blocked.

hosts.jpg

viruses.jpg

programs.jpg

Edited by safety
Link to comment

I believe the truism "Common sense is not that common" is applicable here.

You download a cracked game installer from a torrent web site. What else would you expect than to get nailed by nasty malware?

Link to comment

There is an outstanding question in regard to this coin miner. How did it get installed in the first place?

1. Did it disable Windows Defender to do so?

2. Was it able to disable/bypass third party security software including Eset to do so?

3. Or, let me guess. The game installer instructed the user to disable their real-time AV solution.

The main point here is if AV protection prevented the coin miner from installing, then what the coin miner does after installation is irrelevant.

Edited by itman
Link to comment

1. The miner knows how to disable Defender at any time, or the user disables Windows Defender.

2. Have you managed to disable/bypass third-party security software, including Eset?

No. Eset doesn't install.

Or, let me guess. The installer of the game instructed the user to disable the AV solution in real time.

Yes, most likely the miner is interfering with the installation antivirus disabling.


The point here is that if the antivirus protection prevented the coin miner from installing, what the coin miner does after installation is irrelevant.

The miner will block the antivirus installation in 80-90% of cases, after installing the game.
 

Link to comment

Torrent can move anywhere, you have to at least find that aggressive sampler to research.
It's not all that easy to take a sample.

I have seen which program console games and turn the miner. 
It happened a month ago, I do not remember the story but really it was so.

Link to comment

  • Administrators

Since everything has been said, we'll draw this topic to a close.

1. There exist threats that prevent basically all security programs from being installed.
2. Vendors can be in no way liable for not being able to install on already infected machines.
3. No such issues have been reported to us by users who were prevented from installing ESET. That said, currently we do not see the need for a specialized standalone cleaner that would repair the appropriate registry keys and values to allow installation of ESET.

Link to comment

  • Marcos locked this topic