Windows Defender PUA:Win32/CoinMiner Active? False Positive Or Malicious Version?

philipp952806

Hi,


I've scanned my PC with Windows Defender today and it detected a PUA:Win32/CoinMiner (screenshot below). It's an old Electrum 3.3.8 Portable executable (bitcoin wallet) which I downloaded last year. I also uploaded it to VirusTotal where some other engines also detected the file as a PUP, results are here.


So I checked my browser history to see if I downloaded it from the official site, which I did, and I also checked the signature of the executable with GPG and it was good. I also noticed that when downloading the exe again from the official site it also gets detected.


Of course that would normally be it and I wouldn't worry about it, but what I thought was kind of strange is that Windows Defender says it's an active threat. Does that mean it was running or doing anything or simply that it hasn't been dealt with? It would worry me a little if it was running or doing anything because I only downloaded it many months ago but never actually used it because I decided to use something different.


I also wondered why it wasn't detected during any other scan before over all these months where it was sitting on my desktop but I guess that's probably because of a recent definition update.


Sorry for my amateur questions, haven't really had any potential threats on my system before.
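
An added example, not part of the original post: a read-only PowerShell query of what Defender itself recorded for the detection, including its "active" flag and whether it logged the file as having executed, followed by a hash comparison of the old copy against a fresh download. The name pattern comes from the detection in the post; the two file paths and the file name are assumptions to adjust.

```powershell
# Added example: read-only queries using the built-in Defender cmdlets.
# $NamePattern is taken from the detection name in the post.
$NamePattern = '*CoinMiner*'

# Threat entries Defender has recorded on this machine that match the name.
$threats = Get-MpThreat | Where-Object { $_.ThreatName -like $NamePattern }

foreach ($t in $threats) {
    # All detection events logged for this threat ID, oldest first.
    $detections = Get-MpThreatDetection |
        Where-Object { $_.ThreatID -eq $t.ThreatID } |
        Sort-Object InitialDetectionTime

    foreach ($d in $detections) {
        [pscustomobject]@{
            ThreatName       = $t.ThreatName
            IsActive         = $t.IsActive           # Defender's own "active" flag
            DidThreatExecute = $t.DidThreatExecute   # whether Defender recorded execution
            FirstDetected    = $d.InitialDetectionTime
            LastStatusChange = $d.LastThreatStatusChangeTime
            ProcessName      = $d.ProcessName        # process associated with the detection
            ThreatStatusID   = $d.ThreatStatusID
            ExecutionStatus  = $d.CurrentThreatExecutionStatusID
            ActionSuccess    = $d.ActionSuccess
            Resources        = $d.Resources -join '; '  # files the detection refers to
        }
    }
}

# Compare the old copy with a fresh download from the official site.
# Both paths and the file name are assumptions; adjust them to the real locations.
$OldCopy = Join-Path $env:USERPROFILE 'Desktop\electrum-3.3.8-portable.exe'
$NewCopy = Join-Path $env:USERPROFILE 'Downloads\electrum-3.3.8-portable.exe'

if ((Test-Path $OldCopy) -and (Test-Path $NewCopy)) {
    $oldHash = (Get-FileHash -Path $OldCopy -Algorithm SHA256).Hash
    $newHash = (Get-FileHash -Path $NewCopy -Algorithm SHA256).Hash
    [pscustomobject]@{
        OldSha256 = $oldHash
        NewSha256 = $newHash
        Identical = ($oldHash -eq $newHash)
    }
} else {
    Write-Output 'One or both files are missing (Defender may have quarantined them).'
}
```

Run it from an elevated PowerShell prompt so the Defender cmdlets can return the full detection history.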