I just checked all my machines and noticed that multiple of them had a Trojan listed as "severe." None of these machines have ever opened a internet browser so the only way they can communicate with the outside world is BOINC. Below is a picture of what windows defender caught: Trojan: Script/Cloxer.D!cl
|ID: 49337 | Rating: 0 | rate: / Reply Quote|
Have you submitted it to https://www.virustotal.com/#/home/upload for a second (multiple) opinion?
|ID: 49339 | Rating: 0 | rate: / Reply Quote|
(The file in question is restart.idx, which is the part of the checkpoint the app makes frequently)
Have you submitted it to https://www.virustotal.com/#/home/upload for a second (multiple) opinion?This is quite futile for two reasons:
1. The content of this file is changing, so the submitted sample will be different from what the original AV checked.
2. If it has the same content then the same algorithm (pattern recognition, heuristics, AI) of different AV will detect the same threat.
The practice of checking a file in question with multiple AV is ambiguous in general because in most cases it could give both positive and negative results, so it depends on the user which one to believe. (The most of AV softwares use a common database for pattern recognition.)
... but I'd be pretty damn sure it's another proof of the Shakespearean principle: an infinite number of monkeys, using an infinite number of typewriters, will eventually write something that looks like a computer virusI agree: this is a false positive.
|ID: 49340 | Rating: 0 | rate: / Reply Quote|
Please let me know if anyone else has received this virus.I've had similar virus warning this morning.
Your is Cloxer.D!cl
Mine is Cloxer.A!cl
BTW if I check the file (restart.idx) now, it won't detect any threat in it.
Accidentally I have two AV on my hosts; but only Microsoft's builtin AV finds this trojan in this file, my other AV (Malwarebyte's Antimalware) does not. (perhaps MSAV quarantined the file before the other AV could check it.)
|ID: 49349 | Rating: 0 | rate: / Reply Quote|