malware dnetc518-w32-x86.exe detected

log in

Advanced search

Questions and Answers : Windows : malware dnetc518-w32-x86.exe detected

Author Message
Bluedinette
Avatar
Send message
Joined: 21 Oct 11
Posts: 5
Credit: 11,411,057
RAC: 0
Message 1223 - Posted: 21 Oct 2011, 21:20:43 UTC
Last modified: 21 Oct 2011, 21:21:03 UTC

hello evy body
The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)
____________
-GPU-Z-

-F@H-

mikey
Avatar
Send message
Joined: 22 Jun 11
Posts: 1973
Credit: 1,000,866,048
RAC: 0
Message 1232 - Posted: 22 Oct 2011, 11:37:54 UTC - in response to Message 1223.

hello evy body
The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)


Give it a day or so, it is probably a false positive they usually are. One thing alot of us have done is to exclude the Boinc set of directories from the AV check, but keep every other directory to be checked. That way if it is a false positive, we won't know it, and if it really is a problem then when it expands beyond the Boinc directories it will be caught.

Bluedinette
Avatar
Send message
Joined: 21 Oct 11
Posts: 5
Credit: 11,411,057
RAC: 0
Message 1239 - Posted: 23 Oct 2011, 18:26:18 UTC - in response to Message 1232.

HALICE

566 Moo!Wrapper 23.10.2011 20:03:29 / [error] Signature verification error for dnetc518-win32-x86.exe
567 Moo!Wrapper 23.10.2011 20:03:29 / [error] Checksum or signature error for dnetc518-win32-x86.exe

____________
-GPU-Z-

-F@H-

Crash
Send message
Joined: 4 Nov 11
Posts: 2
Credit: 4,404
RAC: 0
Message 1335 - Posted: 4 Nov 2011, 10:59:47 UTC

my av software is detecting it as a trojan as well

mikey
Avatar
Send message
Joined: 22 Jun 11
Posts: 1973
Credit: 1,000,866,048
RAC: 0
Message 1339 - Posted: 4 Nov 2011, 11:13:03 UTC - in response to Message 1335.

my av software is detecting it as a trojan as well


Is it just that file or others too? If just that one file then it is probably a false positive, no fun in making a virus that doesn't spread beyond itself!

Crash
Send message
Joined: 4 Nov 11
Posts: 2
Credit: 4,404
RAC: 0
Message 1345 - Posted: 5 Nov 2011, 7:30:07 UTC - in response to Message 1339.

both the cpu and gpu exe's are being detected as trojans

Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe

Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe

im usin an ISP provided AV suite and i cant manually add items to the exclude list :( but i ran through a bunch of tasks and no infections elsewhere in the pc. just it keeps deleting the exe's as soon as it detects them and is screwing up the WU's

mikey
Avatar
Send message
Joined: 22 Jun 11
Posts: 1973
Credit: 1,000,866,048
RAC: 0
Message 1350 - Posted: 5 Nov 2011, 12:17:43 UTC - in response to Message 1345.

both the cpu and gpu exe's are being detected as trojans

Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe

Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe

im usin an ISP provided AV suite and i cant manually add items to the exclude list :( but i ran through a bunch of tasks and no infections elsewhere in the pc. just it keeps deleting the exe's as soon as it detects them and is screwing up the WU's


Maybe you can contact Tech Support to figure out how to exclude directories, that is what most people do. They exclude the Boinc directories and then if it really is a problem catch it when it infects other parts of the pc.

Profile Teemu Mannermaa
Project administrator
Project developer
Project tester
Send message
Joined: 20 Apr 11
Posts: 356
Credit: 749,579,969
RAC: 143,264
Message 1354 - Posted: 6 Nov 2011, 12:42:47 UTC - in response to Message 1223.

The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)


D.net Client detections like this are what I was referring toin http://moowrap.net/forum_thread.php?id=104#921. There's not much I can do about those, unfortunately. :(

both the cpu and gpu exe's are being detected as trojans
Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe
Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe


But these are the wrapper application I compile and it seems to be doing something similar to what a some generic Trojan would do and thus gets flagged as suspicious. :( What I can do here is to recompile the wrapper and hope it doesn't match their signatures anymore. This and some additional fixes are what I'm working on for the v1.3 of the application.

Additionally, I would appreciate if somebody that get this detection could contact their AV vendor and ask what these samples do that their AV software consider suspicious. By knowing this I could try to make sure wrapper doesn't do that anymore in case the simple recompile isn't enough.

-w

mikey
Avatar
Send message
Joined: 22 Jun 11
Posts: 1973
Credit: 1,000,866,048
RAC: 0
Message 1362 - Posted: 7 Nov 2011, 15:05:10 UTC - in response to Message 1354.

The file dnetc518-w32-x86.exe to detect as malware@3nj4wpp0cm2p7, by COMODO I.S. 5.8 (last update in 21.10.2010)


D.net Client detections like this are what I was referring toin http://moowrap.net/forum_thread.php?id=104#921. There's not much I can do about those, unfortunately. :(

both the cpu and gpu exe's are being detected as trojans
Trojan.Generic.KD.311346 detected in dnetc_1.02_windows_intelx86_ati14.exe
Trojan.Generic.KD.311346 detected in dnetc_1.2_windows_intelx86.exe


But these are the wrapper application I compile and it seems to be doing something similar to what a some generic Trojan would do and thus gets flagged as suspicious. :( What I can do here is to recompile the wrapper and hope it doesn't match their signatures anymore. This and some additional fixes are what I'm working on for the v1.3 of the application.

Additionally, I would appreciate if somebody that get this detection could contact their AV vendor and ask what these samples do that their AV software consider suspicious. By knowing this I could try to make sure wrapper doesn't do that anymore in case the simple recompile isn't enough.

-w


Is that something Dr. David Anderson can help with?

Questions and Answers : Windows : malware dnetc518-w32-x86.exe detected


Main page · Your account · Message boards


Copyright © 2011-2017 Moo! Wrapper Project