#1
|
|||
|
|||
FlashX / Trojan:HTML/CoinMiner
Guten Tag,
das erste Mal dass bei mir der Windows Defender anspringt und dann ausgerechnet wg JDownloader. Code:
Erkannte Bedrohung: Trojan:HTML/CoinMiner file: C:\Users\XXX\AppData\Local\JDownloader 2.0\logs\1593162550263_Fri, Jun 26, 2020 11.09 +0200\flashx.net_jd.plugins.hoster.FlashxNet.log.0 Was nun? Panik? FlashX habe ich nicht besucht. Eigentlich noch nie. Um die Uhrzeit (zwischen 11 und 13 Uhr ca), die im Log-Dateinamen zu lesen ist, habe ich einen Quelltext von dailymotion.com mit JD2 eingelesen um alle Suche-Treffer in die Warteschleife zu bekommen. Danach war ich afk. Außerdem war ich nach einer Google-Suche zu dem Zeitpunkt auf xcine.tv - allerdings ohne Interaktion mit JDownloader. Würde mich freuen, wenn mir jemand sagen könnte, ob das an dem FlashX Plugin liegt, am JDownloader, an einem JDownloader plugin oder ob ich noch irgendwelche Maßnahmen treffen sollte. Vielen Dank schonmal! |
#2
|
||||
|
||||
the logs are source code from said provider, they are harmless. It has been covered on the forum numerous times before.
some of my responses to this query in the past https://board.jdownloader.org/showth...=logs+harmless https://board.jdownloader.org/showth...=logs+harmless
__________________
raztoki @ jDownloader reporter/developer http://svn.jdownloader.org/users/170 Don't fight the system, use it to your advantage. :] |
#3
|
|||
|
|||
Sorry, I searched for "Trojan:HTML/CoinMiner" and shortend but didnt find any results.
But: Somehow as I scanned dailymotion-source there must have been a link to FlashX in the code. Because as I took a closer look at the offline-links-container, there was a file called "downloadthis" with the url of **External links are only visible to Support Staff****External links are only visible to Support Staff**. As I tried to copy the url into this board, JDs clipboard scan scanned it again (smh) and the Windows Defender immediately reacted the same way again. Does this mean the flashx site is infected and if I would go on this page and run it, my PC would get invected too? Because when I google CoinMiner and FlashX there was some underground-blogs that posted about malware on flashx in the past. |
#4
|
||||
|
||||
I cant speak for your personal web browser software, but from JDownloaders perspective any of these websites that get triggered by defender (or other av software) is totally harmless. The way JD works is not how your traditional browser works, so even if it had bad components in source code it wont be possible to cause harm. My recommendation is to place a ignore in defender/AV software for 'JD install path/logs/*'
raztoki
__________________
raztoki @ jDownloader reporter/developer http://svn.jdownloader.org/users/170 Don't fight the system, use it to your advantage. :] |
Thread Tools | |
Display Modes | |
|
|