malware dnetc518-w32-x86.exe detected

Questions and Answers : Windows : malware dnetc518-w32-x86.exe detected
Message board moderation

To post messages, you must log in.

AuthorMessage
Bluedinette
Avatar

Send message
Joined: 21 Oct 11
Posts: 5
Credit: 11,411,057
RAC: 0
Message 1223 - Posted: 21 Oct 2011, 21:20:43 UTC
Last modified: 21 Oct 2011, 21:21:03 UTC

hello evy body
The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)
-GPU-Z-

-F@H-
ID: 1223 · Rating: 0 · rate: Rate + / Rate - Report as offensive
mikey
Avatar

Send message
Joined: 22 Jun 11
Posts: 1997
Credit: 1,000,866,048
RAC: 0
Message 1232 - Posted: 22 Oct 2011, 11:37:54 UTC - in response to Message 1223.  

hello evy body
The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)


Give it a day or so, it is probably a false positive they usually are. One thing alot of us have done is to exclude the Boinc set of directories from the AV check, but keep every other directory to be checked. That way if it is a false positive, we won't know it, and if it really is a problem then when it expands beyond the Boinc directories it will be caught.
ID: 1232 · Rating: 0 · rate: Rate + / Rate - Report as offensive
Bluedinette
Avatar

Send message
Joined: 21 Oct 11
Posts: 5
Credit: 11,411,057
RAC: 0
Message 1239 - Posted: 23 Oct 2011, 18:26:18 UTC - in response to Message 1232.  

HALICE

566 Moo!Wrapper 23.10.2011 20:03:29 / [error] Signature verification error for dnetc518-win32-x86.exe
567 Moo!Wrapper 23.10.2011 20:03:29 / [error] Checksum or signature error for dnetc518-win32-x86.exe

-GPU-Z-

-F@H-
ID: 1239 · Rating: 0 · rate: Rate + / Rate - Report as offensive
Crash

Send message
Joined: 4 Nov 11
Posts: 2
Credit: 4,404
RAC: 0
Message 1335 - Posted: 4 Nov 2011, 10:59:47 UTC

my av software is detecting it as a trojan as well
ID: 1335 · Rating: 0 · rate: Rate + / Rate - Report as offensive
mikey
Avatar

Send message
Joined: 22 Jun 11
Posts: 1997
Credit: 1,000,866,048
RAC: 0
Message 1339 - Posted: 4 Nov 2011, 11:13:03 UTC - in response to Message 1335.  

my av software is detecting it as a trojan as well


Is it just that file or others too? If just that one file then it is probably a false positive, no fun in making a virus that doesn't spread beyond itself!
ID: 1339 · Rating: 0 · rate: Rate + / Rate - Report as offensive
Crash

Send message
Joined: 4 Nov 11
Posts: 2
Credit: 4,404
RAC: 0
Message 1345 - Posted: 5 Nov 2011, 7:30:07 UTC - in response to Message 1339.  

both the cpu and gpu exe's are being detected as trojans

Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe

Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe

im usin an ISP provided AV suite and i cant manually add items to the exclude list :( but i ran through a bunch of tasks and no infections elsewhere in the pc. just it keeps deleting the exe's as soon as it detects them and is screwing up the WU's
ID: 1345 · Rating: 0 · rate: Rate + / Rate - Report as offensive
mikey
Avatar

Send message
Joined: 22 Jun 11
Posts: 1997
Credit: 1,000,866,048
RAC: 0
Message 1350 - Posted: 5 Nov 2011, 12:17:43 UTC - in response to Message 1345.  

both the cpu and gpu exe's are being detected as trojans

Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe

Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe

im usin an ISP provided AV suite and i cant manually add items to the exclude list :( but i ran through a bunch of tasks and no infections elsewhere in the pc. just it keeps deleting the exe's as soon as it detects them and is screwing up the WU's


Maybe you can contact Tech Support to figure out how to exclude directories, that is what most people do. They exclude the Boinc directories and then if it really is a problem catch it when it infects other parts of the pc.
ID: 1350 · Rating: 0 · rate: Rate + / Rate - Report as offensive
Profile Teemu Mannermaa
Project administrator
Project developer
Project tester

Send message
Joined: 20 Apr 11
Posts: 360
Credit: 755,796,644
RAC: 100,183
Message 1354 - Posted: 6 Nov 2011, 12:42:47 UTC - in response to Message 1223.  

The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)


D.net Client detections like this are what I was referring toin http://moowrap.net/forum_thread.php?id=104#921. There's not much I can do about those, unfortunately. :(

both the cpu and gpu exe's are being detected as trojans
Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe
Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe


But these are the wrapper application I compile and it seems to be doing something similar to what a some generic Trojan would do and thus gets flagged as suspicious. :( What I can do here is to recompile the wrapper and hope it doesn't match their signatures anymore. This and some additional fixes are what I'm working on for the v1.3 of the application.

Additionally, I would appreciate if somebody that get this detection could contact their AV vendor and ask what these samples do that their AV software consider suspicious. By knowing this I could try to make sure wrapper doesn't do that anymore in case the simple recompile isn't enough.

-w
ID: 1354 · Rating: 0 · rate: Rate + / Rate - Report as offensive
mikey
Avatar

Send message
Joined: 22 Jun 11
Posts: 1997
Credit: 1,000,866,048
RAC: 0
Message 1362 - Posted: 7 Nov 2011, 15:05:10 UTC - in response to Message 1354.  

The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)


D.net Client detections like this are what I was referring toin http://moowrap.net/forum_thread.php?id=104#921. There's not much I can do about those, unfortunately. :(

both the cpu and gpu exe's are being detected as trojans
Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe
Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe


But these are the wrapper application I compile and it seems to be doing something similar to what a some generic Trojan would do and thus gets flagged as suspicious. :( What I can do here is to recompile the wrapper and hope it doesn't match their signatures anymore. This and some additional fixes are what I'm working on for the v1.3 of the application.

Additionally, I would appreciate if somebody that get this detection could contact their AV vendor and ask what these samples do that their AV software consider suspicious. By knowing this I could try to make sure wrapper doesn't do that anymore in case the simple recompile isn't enough.

-w


Is that something Dr. David Anderson can help with?
ID: 1362 · Rating: 0 · rate: Rate + / Rate - Report as offensive

Questions and Answers : Windows : malware dnetc518-w32-x86.exe detected


 
Copyright © 2011-2017 Moo! Wrapper Project