Jump to content

False positive detection - NiceHash QuickMiner


Samo

Recommended Posts

We are hereby reporting a false positive detection of our software NiceHash QuickMiner (NHQM). The software is accessible on our web page - https://miner.nicehash.com. NiceHash QuickMiner is a software which enables Hashing power providers to point their PCs or rigs towards NiceHash stratum servers and sell their hashing power to the Hashing power buyers. It is the most advanced, transparent and safe application on the market. The reason for this request is because your Antivirus detects our NHQM application falsely as harmful.

 

Virus Total report: 

  • Application: NiceHashQuickMiner.exe

  • Source website:

     https://miner.nicehash.com

     

  • Detected by: Malwarebytes

  • Detection: RiskWare.BitCoinMiner


The file is falsely detected as suspicious/dangerous and we would very much like to address this issue accordingly, due to the following: 

 

  • Our software is end-to-end developed and maintained by our company, we have full control of our source code. 

  • Our software is signed with EV (Digi cert) code signing certificate, issued by DigiCert to our company.

  • Our software includes various protections that prevents usage of our software by potential malicious users such as botnets or illegal copying/distribution; including but limited to: mandatory captcha; hw-id recognition; server-side botnet detections.

 

This situation has a strong negative business impact. Our support team is overwhelmed by user emails regarding this topic. We are working very hard and spend a lot of resources to maintain a good reputation for our company and brand.    

 

The ”false” detection causes serious economic damage and is severely hindering our company’s reputation, as well as yours. We would appreciate it if you could exclude our software from detection immediately. 

 

We are willing to work with you on this issue to the fullest extent. 

 

Thank you and kind regards, NiceHash Legal Department


 

NiceHashQuickMinerInstaller.exe.zip

Edited by AdvancedSetup
corrected font issue
Link to post
Share on other sites

Hi,

Detection has been removed. Due to the nature of crypto miners and behavior that is often classified as Riskware by MalwareBytes and other antivirus vendors and due to the fact that bad guys might try to use legitimate miners for bad purposes we cannot guarantee that one of your future or past releases won't be detected by our generic detection. If that happens we will remove the detection per your request.

Edited by TwinHeadedEagle
Link to post
Share on other sites

  • 1 month later...
10 minutes ago, Mohammedv183 said:

I keep getting this when scanning

Please provide the scan log showing the detection.

To get the log from Malwarebytes do the following:
 

Single click on the target sight above scanner window.

In the new window select Report

Double click on the Scan log which shows the Date and time of the scan just performed.

Click Export > From export you have two options:
Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
Export toTxt - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
 

Please use " Copy to Clipboard " then paste the contents here in your next reply

Please double-click on one of the block entries shown in the image you posted to view the report, then click the Export link on the bottom left of the report and select Copy to clipboard, then paste the contents here in your next reply so that we may take a look and advise you based on what it shows.

Thanks

Link to post
Share on other sites

12 hours ago, Porthos said:

Please provide the scan log showing the detection.

To get the log from Malwarebytes do the following:
 

Single click on the target sight above scanner window.

In the new window select Report

Double click on the Scan log which shows the Date and time of the scan just performed.

Click Export > From export you have two options:
Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
Export toTxt - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
 

Please use " Copy to Clipboard " then paste the contents here in your next reply

Please double-click on one of the block entries shown in the image you posted to view the report, then click the Export link on the bottom left of the report and select Copy to clipboard, then paste the contents here in your next reply so that we may take a look and advise you based on what it shows.

Thanks

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/15/21
Scan Time: 4:09 PM
Log File: a3e97c7a-ce15-11eb-817e-2cf05d38cd9d.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1318
Update Package Version: 1.0.41755
License: Trial

-System Information-
OS: Windows 10 (Build 19041.1052)
CPU: x64
File System: NTFS
User: DESKTOP-6C5Q0VB\Mohammed

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 321479
Threats Detected: 3
Threats Quarantined: 0
Time Elapsed: 1 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 1
RiskWare.BitCoinMiner, C:\PROGRAM FILES\NICEHASH\NICEHASHQUICKMINER\EXCAVATOR.EXE, No Action By User, 914, 919829, , , , , 1B8123D2B23124C873B104B209FA11A6, 4078A656BA3E5A4278F2EC68C978E27E2DA85F643CBBAAE761396A9A2C2D43E1

Module: 1
RiskWare.BitCoinMiner, C:\PROGRAM FILES\NICEHASH\NICEHASHQUICKMINER\EXCAVATOR.EXE, No Action By User, 914, 919829, , , , , 1B8123D2B23124C873B104B209FA11A6, 4078A656BA3E5A4278F2EC68C978E27E2DA85F643CBBAAE761396A9A2C2D43E1

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
RiskWare.BitCoinMiner, C:\PROGRAM FILES\NICEHASH\NICEHASHQUICKMINER\EXCAVATOR.EXE, No Action By User, 914, 919829, 1.0.41755, 2FEF6E32604F1463FA58F8A7, dds, 01290973, 1B8123D2B23124C873B104B209FA11A6, 4078A656BA3E5A4278F2EC68C978E27E2DA85F643CBBAAE761396A9A2C2D43E1

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

Just now, Mohammedv183 said:

Yes

To exclude these items you need to perform a scan (a Threat scan or Hyper scan should do) and then at the end when it shows the list of detection's, uncheck any item that you do not want removed and click Next.  When prompted on what to do with the remaining unchecked items, select Ignore Always and they will be added to your exclusions and will no longer be detected by future scans.

Also might want to Exclude an Application that Connects to the Internet section of this support article.  as well.

 

  • Like 1
Link to post
Share on other sites

  • 10 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.