Console Client runing with no install

This client will only use a single CPU

Moderators: Site Moderators, PandeGroup

Console Client runing with no install

Postby Freemove » Tue Oct 14, 2008 12:49 pm

Good day.

I have a very strange problem, I have installed the CPU client 6.20 1 August 2008. It runs fine on my machine, it being a quad and sits hapily at 25%

What is strange is that I have another machine on the local network that appears to be running the FAH_Core82.exe and console by 2, and on that, thrashing the machine.

It has not been offically installed on this machine, is there some sort of distributed network process at play ? or is the machine someones bot ?. (I do know it has been compromised by something)
Freemove
 
Posts: 4
Joined: Tue Oct 14, 2008 12:37 pm

Re: Console Client runing with no install

Postby Freemove » Tue Oct 14, 2008 1:22 pm

I have found further information on this issue, and it does look like a FOLDing@home user has compromised this pc and used it as his clone to run and hence accrue points towards his team. Seams like a good deal of effort though for a means to something trivial, but it is not trivial in practice.

The console client version is 5.0.4.0, and curiously enough has been placed into a directory called
c:\windows\Maximize CPU Utilisation\CPU #01 And
c:\windows\Maximize CPU Utilisation\CPU #02

The system is actually a single core Anthlon XP

Below is a log file excert from the app. There is no doubt at all that this was not installed onto the machine willingly

If there is no other explanation as to how this was placed onto the machine I would suggest the user and hence the team be held to account for this.

Code: Select all
--- Opening Log file [October 14 11:29:50]


# Windows Console Edition #####################################################
###############################################################################

                       Folding@Home Client Version 5.04beta

                          http://folding.stanford.edu

###############################################################################
###############################################################################

Launch directory: C:\WINDOWS\Maximize CPU Utilization\CPU #01
Service: C:\WINDOWS\Maximize CPU Utilization\CPU #01\FAH-Console.exe
Arguments: -local -svcstart

Launched as a service.
Entered C:\WINDOWS\Maximize CPU Utilization\CPU #01 to do work.

[11:29:50] - Ask before connecting: No
[11:29:50] - User name: FTLSpeed (Team 149135)
[11:29:50] - User ID not found locally
[11:29:50] + Requesting User ID from server
[11:29:53] - Machine ID: 5
[11:29:53]
[11:29:53] Work directory not found. Creating...
[11:29:53] Could not open work queue, generating new queue...
[11:29:53] + Benchmarking ...
[11:29:56] - Preparing to get new work unit...
[11:29:56] + Attempting to get work packet
[11:29:56] - Connecting to assignment server
[11:29:58] - Successful: assigned to (169.230.26.30).
[11:29:58] + News From Folding@Home: Welcome to Folding@Home
[11:29:58] Loaded queue successfully.
[11:30:02] + Closed connections
Freemove
 
Posts: 4
Joined: Tue Oct 14, 2008 12:37 pm

Re: Console Client runing with no install

Postby KezNews » Tue Oct 14, 2008 1:30 pm

guess you should stop it and delete it then. Wonder how it got into your system
KezNews
 
Posts: 7
Joined: Tue Oct 14, 2008 1:28 pm

Re: Console Client runing with no install

Postby osgorth » Tue Oct 14, 2008 2:11 pm

Sounds like you've been hacked then.. :(

It appears this user has put this into serious practice as well. I see no less than 540 active processors for this user. That's quite a lot of machines!
Image
osgorth
 
Posts: 165
Joined: Fri Sep 12, 2008 10:46 am

Re: Console Client runing with no install

Postby toTOW » Tue Oct 14, 2008 2:15 pm

I already seen similar username in install bundled with torrent files (typically game cracks) ...

Thanks for the report, I've notified the PandeGroup, they'll take care of this case.
Folding@Home beta tester since 2002. Folding Forum moderator since July 2008.

FAH-Addict : latest news, tests and reviews about Folding@Home project.

Image
User avatar
toTOW
Site Moderator
 
Posts: 8917
Joined: Sun Dec 02, 2007 10:38 am
Location: Bordeaux, France

Re: Console Client runing with no install

Postby VijayPande » Tue Oct 14, 2008 2:53 pm

We are looking into this.
User avatar
VijayPande
Pande Group Member
 
Posts: 2662
Joined: Fri Nov 30, 2007 6:25 am
Location: Stanford

Re: Console Client runing with no install

Postby Shadowtester » Tue Oct 14, 2008 3:11 pm

Garbage like that could be reason enough for some spyware and or antivirus vendors to tag F@H as a malicious program need to cut that offender off at the knees!!!
Shadowtester

Image
User avatar
Shadowtester
 
Posts: 160
Joined: Tue Dec 04, 2007 4:18 am

Re: Console Client runing with no install

Postby jrweiss » Tue Oct 14, 2008 4:00 pm

I have found further information on this issue, and it does look like a FOLDing@home user has compromised this pc and used it as his clone to run and hence accrue points towards his team. Seams like a good deal of effort though for a means to something trivial, but it is not trivial in practice.

It is also a practice that is absolutely prohibited by the F@H license, and abhorred by all legitimate Folders.

You may be able to help more by trying to track down the app/download that installed the rogue client and reporting back.
i4770K/AMD RX460 (CPU6+GPU), i7-3770S/AMD7750 (CPU6+GPU), Win7-64 Pro
User avatar
jrweiss
 
Posts: 1186
Joined: Tue Dec 04, 2007 6:56 am
Location: Gotta guess!

Re: Console Client runing with no install

Postby Freemove » Wed Oct 15, 2008 3:32 pm

I would like to thank everyone on the posts so far, I have not as yet removed the offending software(the system is turned off and isolated),

I will provide more information and track down what date this was installed and perhaps what prior process did the install it, and will and can provide any information required upon request, those who manage the forum can obtain my email address.

Short on time at the moment.

Thanks again.
Freemove
 
Posts: 4
Joined: Tue Oct 14, 2008 12:37 pm

Re: Console Client runing with no install

Postby Royalty » Thu Oct 23, 2008 12:00 pm

We have a similar case. This one has hitch along with a copy of dreamweaver:
in dutch: http://gathering.tweakers.net/forum/lis ... es/1316366
Royalty
 
Posts: 8
Joined: Tue Oct 14, 2008 8:34 am

Re: Console Client runing with no install

Postby dicecca112{LR} » Thu Oct 23, 2008 1:03 pm

http://forums.legitreviews.com/post125571.html#p125571

One of our members has come across this as well, I am an admin at legitreviews, please contact me if you need any more information

Matt
dicecca112{LR}
 
Posts: 9
Joined: Sun Dec 02, 2007 4:49 pm

Re: Console Client runing with no install

Postby Freemove » Mon Nov 03, 2008 10:14 am

Hello, well after this report, I was just wondering if anything was done about it, not that I am demanding something but I am curious as to if there was an outcome.
Freemove
 
Posts: 4
Joined: Tue Oct 14, 2008 12:37 pm

Re: Console Client runing with no install

Postby Iannis » Thu Dec 11, 2008 8:06 am

It's a shame for all

You have to ban this guys from the project
Iannis
 
Posts: 26
Joined: Thu Jan 10, 2008 12:30 am

Re: Console Client runing with no install

Postby A_gamer » Thu Dec 11, 2008 8:35 am

I agree with dr.Iannis, that team should be deleted.
Hardware configuration: ATI HD4850 (GPU 6.23 - Vista32), Intel Core 2 Quad Q9550 (SMP Linux 6.02@2 cores - Sabayon64@VMWare)
(So that you don't bother going to my profile :p)

Team 36673
A_gamer
 
Posts: 20
Joined: Sun Oct 12, 2008 9:28 am

Re: Console Client runing with no install

Postby MstrBlstr » Thu Dec 11, 2008 8:41 am

Please see >> viewtopic.php?p=61388#p61388

PG is aware of the situation.

More information may be forthcoming as they know more.
-=MB=-
User avatar
MstrBlstr
 
Posts: 791
Joined: Thu Nov 29, 2007 7:03 pm
Location: Texas

Next

Return to Windows Classic V6.23 Client

Who is online

Users browsing this forum: Yandex [Bot] and 2 guests

cron