• 所有社区 - 中文
    • 所有社区 - 中文
    • 论坛
    • 创意
    • 博客
高级

不是您要找的? 咨询专家!

此论坛帖文需要解决方案。
好评0

online miner being flag!

I play a crypto game called zero eclipse @ zeroeclipse.com

it offers a browser miner and a app that mines and allows it to be converted to in game currency but is being blocked by rules 

system infected miner.bitcoinminer activity 7

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Destination Address,Source Address,Traffic Description
05/04/2019 08:28:41,High,An intrusion attempt by 168.235.86.33 was blocked.,Blocked,No Action Required,System Infected: Miner.Bitcoinminer Activity 7,No Action Required,No Action Required,"168.235.86.33, 3368","JC1 (192.168.0.10, 59652)",168.235.86.33,"TCP, Port 3368"
Network traffic from <b>168.235.86.33</b> matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME4\USERS\STEPH\DESKTOP\MINEATOMS\MINEATOMS\MINEATOMS\BIN\CORE.EXE.  To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>. 

system infected miner.bitcoinminer activity 16

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Destination Address,Source Address,Traffic Description
05/04/2019 08:28:41,High,An intrusion attempt by JC1 was blocked.,Blocked,No Action Required,System Infected: Miner.Bitcoinminer Activity 16,No Action Required,No Action Required,"JC1 (192.168.0.10, 59652)","168.235.86.33, 3368",JC1 (192.168.0.10),"TCP, Port 59652"
Network traffic from <b>JC1</b> matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME4\USERS\STEPH\DESKTOP\MINEATOMS\MINEATOMS\MINEATOMS\BIN\CORE.EXE.  To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>. 

and web attack JSCoinminer Website

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
05/04/2019 08:23:51,Medium,An intrusion attempt by localhost was blocked.,Blocked,No Action Required,Web Attack: JSCoinminer Website,No Action Required,No Action Required,"localhost (127.0.0.1, 50094)",webminepool.comwebminepool.com:443,"localhost (127.0.0.1, 59435)",localhost (127.0.0.1),"TCP, Port 50094"
Network traffic from <b>webminepool.comwebminepool.com:443</b> matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME4\USERS\STEPH\DESKTOP\MINEATOMS\MINEATOMS\MINEATOMS\WMPMINERGUI.EXE.  To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>. 

i want to be able to allow the app and website but don't want to disable the full rule so how can i allow it!!!!!

For info: I have allow the app thru the firewall but still be blocked

Norton internet security 22.17.0.183

Windows 10 version 1809 build 17763.404

回复

好评0

Re: online miner being flag!

Hello scecil

Please try to upload the necessary files to Virus Total.and see if they find the files as clean. About 20 different Security programs test the files and each will state their findings.

www.virustotal.com  

Have a Good Night and

Thanks.

Success always occurs in private and failure in full view. Windows 7 Pro 64 bit Norton Core Security Plus 22.17.1.50 Core Firmware 282 I E 11 Chrome latest version.
好评0

Re: online miner being flag!

Generally, coin miner software is installed without the user's knowledge. It uses large amount of the computer's resources while mining the bitcoin, but it is usually done for the bad guys who got the software onto your computer. That is why Norton detects and blocks this software.

Things happen. Export/Backup your Norton Password Manager data.
好评1 Stats

Re: online miner being flag!

Here is a Norton blog announcement on Coin Miner protection in Norton. At the bottom is information on how to bypass this protection. Do this at your own risk.

https://community.norton.com/en/blogs/product-update-announcements/protection-against-coinminer-malware

Things happen. Export/Backup your Norton Password Manager data.

This thread is closed from further comment. Please visit the forum to start a new thread.