Norton Internet Security does not like collatz V4.07 - cuda 5.0 for intel x86
log in

Advanced search

Message boards : Windows : Norton Internet Security does not like collatz V4.07 - cuda 5.0 for intel x86

Author Message
Profile fthibaud0001
Send message
Joined: 26 Dec 09
Posts: 2
Credit: 422,544,603
RAC: 192,626
Message 16698 - Posted: 4 Jun 2013, 15:25:55 UTC

Norton Internet Security does not like collatz V4.07 - cuda 5.0 for intel x86; specifically:
collatz_4.07_windows_intelx86__cuda50.exe
mini_collatz_4.07_windows_intelx86__cuda50.exe
solo_collatz_4.07_windows_intelx86__cuda50.exe

Norton believes that they are infected by "Suspicious.Cloud.7.F" based on malware heuristics; I can imagine it is a false positive. Could you check?

Below the log:


Filename: collatz_4.07_windows_intelx86__cuda50.exe
Threat name: Suspicious.Cloud.7.F
Full Path: c:\programdata\boinc\projects\boinc.thesonntags.com_collatz\collatz_4.07_windows_intelx86__cuda50.exe

____________________________

Details
Very Few Users,  Very New,  Risk High

Origin
Downloaded from Unknown

Activity
Actions performed: Actions performed: 1

____________________________


On computers as of 2013-05-31 at 10:34:17
Last Used 2013-05-31 at 20:07:18
Startup Item No
Launched No

____________________________


Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week  ago.

High
This file risk is high.

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.



____________________________



Source: External Media
Source File:
msiexec.exeFile Created:
boinc.exeFile Created:
collatz_4.07_windows_intelx86__cuda50.exe

____________________________

File Actions

Infected file: c:\programdata\boinc\projects\boinc.thesonntags.com_collatz\collatz_4.07_windows_intelx86__cuda50.exeRemoved
____________________________


File Thumbprint - SHA:
de0cfbddf890952296f6af797d130b905b686ea1c0197446d524cd316d009a81
File Thumbprint - MD5:
Not available



Filename: mini_collatz_4.07_windows_intelx86__cuda50.exe
Threat name: Suspicious.Cloud.7.F
Full Path: c:\programdata\boinc\projects\boinc.thesonntags.com_collatz\mini_collatz_4.07_windows_intelx86__cuda50.exe

____________________________

Details
Very Few Users,  Very New,  Risk High

Origin
Downloaded from Unknown

Activity
Actions performed: Actions performed: 1

____________________________


On computers as of 2013-05-29 at 19:03:03
Last Used 2013-05-31 at 20:08:02
Startup Item No
Launched No

____________________________


Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week  ago.

High
This file risk is high.

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.



____________________________



Source: External Media
Source File:
msiexec.exeFile Created:
boinc.exeFile Created:
mini_collatz_4.07_windows_intelx86__cuda50.exe

____________________________

File Actions

Infected file: c:\programdata\boinc\projects\boinc.thesonntags.com_collatz\mini_collatz_4.07_windows_intelx86__cuda50.exeRemoved
____________________________


File Thumbprint - SHA:
de0cfbddf890952296f6af797d130b905b686ea1c0197446d524cd316d009a81
File Thumbprint - MD5:
Not available





Filename: solo_collatz_4.07_windows_intelx86__cuda50.exe
Threat name: Suspicious.Cloud.7.F
Full Path: c:\programdata\boinc\projects\boinc.thesonntags.com_collatz\solo_collatz_4.07_windows_intelx86__cuda50.exe

____________________________

Details
Very Few Users,  Very New,  Risk High

Origin
Downloaded from Unknown

Activity
Actions performed: Actions performed: 1

____________________________


On computers as of 2013-05-29 at 19:25:49
Last Used 2013-05-31 at 20:08:45
Startup Item No
Launched No

____________________________


Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week  ago.

High
This file risk is high.

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.



____________________________



Source: External Media
Source File:
msiexec.exeFile Created:
boinc.exeFile Created:
solo_collatz_4.07_windows_intelx86__cuda50.exe

____________________________

File Actions

Infected file: c:\programdata\boinc\projects\boinc.thesonntags.com_collatz\solo_collatz_4.07_windows_intelx86__cuda50.exeRemoved
____________________________


File Thumbprint - SHA:
de0cfbddf890952296f6af797d130b905b686ea1c0197446d524cd316d009a81
File Thumbprint - MD5:
Not available

Profile mikey
Avatar
Send message
Joined: 11 Aug 09
Posts: 3279
Credit: 1,903,435,998
RAC: 12,132,047
Message 16730 - Posted: 6 Jun 2013, 11:24:31 UTC - in response to Message 16698.

Norton Internet Security does not like collatz V4.07 - cuda 5.0 for intel x86; specifically:
collatz_4.07_windows_intelx86__cuda50.exe
mini_collatz_4.07_windows_intelx86__cuda50.exe
solo_collatz_4.07_windows_intelx86__cuda50.exe

Norton believes that they are infected by "Suspicious.Cloud.7.F" based on malware heuristics; I can imagine it is a false positive. Could you check?


This happens periodically with different a/v programs as they change the way they check for viruses and other bad stuff. The easiest work around is to just exclude the Boinc directories from the scan. IF there is a virus or other bad thing in Boinc and it only connects to the projects, it is not my concern. IF however it comes out into the rest of your pc, Norton will catch it! But as long as a bad thing never leaves the set of Boinc directories, why should I care, it isn't bad to me?!

Profile Slicker
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist
Avatar
Send message
Joined: 11 Jun 09
Posts: 2528
Credit: 740,580,099
RAC: 0
Message 16740 - Posted: 6 Jun 2013, 19:32:19 UTC

I've never been a fan of Norton Bloatware, err.. I mean Norton Internet Security. They used to have a really good product. They, like all others, seem to think it's OK if their software uses hundreds of MB of RAM, 20% of the CPU, etc. when it should be a background app.

Anyway... the collatz apps are not infected. They just have to have a few bytes of code which match the footprint of the virus. Since BOINC uses an MD5 hash to check that the file matches the one retrieved by the server, I doubt that the files were infected after they were downloaded to your machine or else BOINC would complain that the hash didn't match and re-download them.

Profile mikey
Avatar
Send message
Joined: 11 Aug 09
Posts: 3279
Credit: 1,903,435,998
RAC: 12,132,047
Message 16748 - Posted: 7 Jun 2013, 11:47:25 UTC - in response to Message 16740.

I've never been a fan of Norton Bloatware, err.. I mean Norton Internet Security. They used to have a really good product. They, like all others, seem to think it's OK if their software uses hundreds of MB of RAM, 20% of the CPU, etc. when it should be a background app.

Anyway... the collatz apps are not infected. They just have to have a few bytes of code which match the footprint of the virus. Since BOINC uses an MD5 hash to check that the file matches the one retrieved by the server, I doubt that the files were infected after they were downloaded to your machine or else BOINC would complain that the hash didn't match and re-download them.


Yeah I used to use Norton ALOT back in the day, now I use the free ones more often, 15 running pc's means waaay too much money spent of other stuff so free alternatives are a good thing!

Every once in a while most a/v programs complain about Boinc, then they get some complaints and they fix it. They are trying to be aggressive against the constantly changing virus writers out there, but sometimes they cross that line and whoops something gets 'caught' that shouldn't.

Profile Slicker
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist
Avatar
Send message
Joined: 11 Jun 09
Posts: 2528
Credit: 740,580,099
RAC: 0
Message 16749 - Posted: 7 Jun 2013, 13:34:35 UTC

Microsoft Security Essentials is free for Vista, Win7, and Win8. You can also install on Server 2008. It has a fairly small footprint and did pretty well in the anti-virus comparisons.

Profile mikey
Avatar
Send message
Joined: 11 Aug 09
Posts: 3279
Credit: 1,903,435,998
RAC: 12,132,047
Message 16751 - Posted: 7 Jun 2013, 21:28:54 UTC - in response to Message 16749.

Microsoft Security Essentials is free for Vista, Win7, and Win8. You can also install on Server 2008. It has a fairly small footprint and did pretty well in the anti-virus comparisons.


That is actually the one I use on all my pc's, except my Windows Home Server, it just won't work on it. I use another free one on it, ClamWin. I also use MalwareBytes on each of my pc's, the free versions of course, and run a manual scan monthly prior to the backups.


Post to thread

Message boards : Windows : Norton Internet Security does not like collatz V4.07 - cuda 5.0 for intel x86


Main page · Your account · Message boards


Copyright © 2018 Jon Sonntag; All rights reserved.