CGMiner false postives / Exclusions NOT working

F-Secure can you please not flag CGMiner as malware? Adding it to the scan exclusions somehow only works when F-Secure is turned off (that goes for both the .exe and the program folder). Turn it back on and it immediately removes cgminer.exe again! Making the scan exclusions pointless and seemingly a cosmetic feature. Here is the cgminer site: http://ck.kolivas.org/apps/cgminer/ (F-Secure removes all versions) I know someone made a trojan which runs cgminer on other people's machines to steal their GPU/CPU cycles for mining, but that's like flagging [email protected] as malware because one person injected one .exe with malware some time and everyone has to pay the price. PS. F-Secure also WIPES my HOSTS file in system32/drivers/etc DESPITE me adding it to the exclusion list. What on earth is wrong?! Can a user get some bloody control over their OWN PC, PLEASE?!

Best Answer

  • GaryGary Posts: 70
    Accepted Answer

    Dear Alio,

     

    If you had excluded the file from Real-Time scanner and F-Secure is still removing it, please create a ticket with our support and attach the FSDIAG. Our support agent will be further assisting you on this issue.

     

    Best regards,

    Gary

     


     

Answers

  • JaniashviliJaniashvili Posts: 469
    Hi, you can register here: https://analysis.f-secure.com/portal/login.html

    and give them those files, they'll check whenever it is false positive or true malware
    Desidurrious
  • Thanks! I submitted it. However that doesn't explain why user set scan exclusion isn't working as it should.
  • GaryGary Posts: 70

    Hi Desidurrious,

     

    Which F-Secure software and its version the user is using? And how the exclusion was made? In this case the exclusion has to be done on the Real-Time scanning which is under F-Secure > Settings > Virus and spyware scanning > Exclude files from scanning.

     

    Best regards,

    Gary

  • etomcatetomcat Posts: 1,312

    Hello,

     

    Bitcoin is essentially the fraud of alchemy in a most modern disguise. What did alchemists do? Exposed base metals to heat (retort on fire), while endlessly reciting supposedly magic information (chants from occult books) and kept hoping somehow monetary value (i.e. gold) comes out of it. At best, they found out about porcelain...

     

    Today Bitcoin clients and their botmasters endlessly process supposedly magic information (some call that elliptic curves crypto)  while exposing base metals (lead, tin, aluminium and copper that composes the computer) to heat (electricity bill turned into hot air via the exhaust fan). They keep hoping monetary value (i.e. bitcoin) will somehow come out of this fraud.

     

    If you go to a riverside and start filtering the sand by the tons, there is at least a realistic expectation of finding a few gramms of gold flakes per workday. It won't make you filthy rich, but some people do earn a sustainable living that way.

     

    Best Regards: Tamas Feher, Hungary.

  • AlioAlio Posts: 1

    Hi,

     

    Same issue for me. I excluded the file in realtime scanning objects and it is still detected and removed every time. I have to disable realtime scanning permanently making F-Secure useless for protection.

     

    Alio

  • maud138maud138 Posts: 2

    I have the same problem. I will sent in a ticket, but is it possible to give the solution here? It's very very annoying. I tried CGMiner, but also CudaMiner and both are deleted everytime by F_secure, even when I made an exception in realtime scanning.

  • ShahrirShahrir Posts: 53

    Hi maud138,

     

    If you have added the exclusion but you are still facing the issue, I would suggest you to create a support ticket as Gary suggested so we would be able to assist you further on this issue.

  • maud138maud138 Posts: 2

    Yes, I created a support ticket and they helped me pretty good.

    My problem is solved.

    Chrissy
  • ShahrirShahrir Posts: 53

    Hi maud138,

     

    I am glad to hear that your issue is solved now! Have a great week ahead.

This discussion has been closed.