climateprediction.net home page

High Security Risk: hadam3p_6... .exe detected by SONAR


Advanced search

Questions and Answers : Windows : High Security Risk: hadam3p_6... .exe detected by SONAR

AuthorMessage
patbouvry
Send message
Joined: Sep 1 09
Posts: 2
Credit: 67,323
RAC: 0
Message 38677 - Posted 12 Jan 2010 17:23:55 UTC

    Good news!

    After hundreds of hours on the project, Norton just quarantined the files: hadam3p_6.10_windows_intelx86.exe and hadam3p_6.07_windows_intelx86.exe and categorized them as HIGH RISK to the security of private information and computing activities on my computer. Status: Fully Removed (!!!)

    Could someone please explain how this can happen, before I cancel this project on BOINC. If I need to restore that file from Norton, please let me know why such files were identified as compromising my computer.

    Thanks,
    Pat

    Profile geophi
    Forum moderator
    Send message
    Joined: Aug 7 04
    Posts: 1475
    Credit: 22,510,102
    RAC: 1,173
    Message 38678 - Posted 12 Jan 2010 17:52:34 UTC

      Of course anything is possible, but overwhelmingly such things are due to \"false positives\", i.e. the antivirus software identifying something that is not a virus/not malware incorrectly.

      Les Bayliss
      Forum moderator
      Send message
      Joined: Sep 5 04
      Posts: 5240
      Credit: 8,816,117
      RAC: 2,303
      Message 38680 - Posted 12 Jan 2010 19:24:59 UTC

        And the cure is to do some quarantining of your own.

        In the menu of the AV, find the place where it allows you to stop it from scanning BOINC. BOTH parts of it.
        Norton has been notorious for this sort of problem for years.


        ____________
        Backups: Here

        patbouvry
        Send message
        Joined: Sep 1 09
        Posts: 2
        Credit: 67,323
        RAC: 0
        Message 38690 - Posted 13 Jan 2010 4:17:09 UTC

          Ok, I\'ll restore the files in Norton, and try to exclude Boinc project files from future scrutiny.

          But we should agree that this ought to be looked into. There\'s enough infringement on privacy in normal software as it is. The last thing we\'d want is compromising project files on BOINC.

          Thanks.
          Cheers,

          Pat

          Profile geophi
          Forum moderator
          Send message
          Joined: Aug 7 04
          Posts: 1475
          Credit: 22,510,102
          RAC: 1,173
          Message 38691 - Posted 13 Jan 2010 5:55:57 UTC

            I guarantee you that there is no one at cpdn programming to steal privacy information from you through climate model executables. We\'ve been around this project a long time and have seen various false positives from different antivirus software manufacturers. First it was Antivir, then Sophos and Norton, then NOD, now back to Norton again, all on different versions of boinc or cpdn programs. More than likely some signature file was downloaded yesterday to Norton, that had similar behavior identified with some malware. Norton \"thinks\" the behavior of the hadam3p programs are similar enough that it incorrectly classified it as malware. I have the same files on my PCs, but my McAfee at work and AVG at home are not identifying them as anything bad.

            A couple previous threads on this issue:

            http://climateprediction.net/board/viewtopic.php?p=47348

            http://climateapps2.oucs.ox.ac.uk/cpdnboinc/forum_thread.php?id=5949

            Profile JIM
            Send message
            Joined: Dec 31 07
            Posts: 652
            Credit: 3,847,750
            RAC: 3,076
            Message 38692 - Posted 13 Jan 2010 9:16:47 UTC - in response to Message 38690.

              Ok, I\'ll restore the files in Norton, and try to exclude Boinc project files from future scrutiny.

              But we should agree that this ought to be looked into. There\'s enough infringement on privacy in normal software as it is. The last thing we\'d want is compromising project files on BOINC.

              Thanks.
              Cheers,

              Pat


              Just be happy that Norton only quarantined the files. Several months ago, another version of Norton Sonar simply deleted the files that it believed were malware. People lost not only the running copy, but, their backup copies. Norton just sent them to cyber- limbo.

              ____________

              Profile mo.v
              Forum moderator
              Avatar
              Send message
              Joined: Sep 29 04
              Posts: 2359
              Credit: 6,899,067
              RAC: 478
              Message 38693 - Posted 13 Jan 2010 11:53:28 UTC

                This is an argument for making backups off the main drive if possible. I keep mine on an external hard disk which can be plugged into either computer.
                ____________
                Cpdn news

                Profile JIM
                Send message
                Joined: Dec 31 07
                Posts: 652
                Credit: 3,847,750
                RAC: 3,076
                Message 38712 - Posted 14 Jan 2010 22:32:01 UTC

                  A lot cheaper than a hard drive is “thumb” flash drive. Here in the United States they are about $2USD per GB. An 8GB drive can store several backups.

                  ____________

                  Post to thread

                  Questions and Answers : Windows : High Security Risk: hadam3p_6... .exe detected by SONAR




                  Copyright © 2002-2014 climateprediction.net