I just checked all my machines and noticed that multiple of them had a Trojan listed as "severe." None of these machines have ever opened a internet browser so the only way they can communicate with the outside world is BOINC. Below is a picture of what windows defender caught: Trojan: Script/Cloxer.D!cl
https://ibb.co/cW4ME7

I highly suggest everyone check all of their systems and update windows. It should download and install the latest windows defender definitions of which hopefully will help.

Please let me know if anyone else has received this virus.

Have you submitted it to https://www.virustotal.com/#/home/upload for a second (multiple) opinion?

Which project had a task running in your slots\4 at the time? Oh, sorry - forget that, it's one of ours.



It's not one of the files sent to us by the project as part of a workunit, and it isn't one we send back as part of a result, either. It's just part of the checkpointing that enables up to pick up on a part-processed task after a restart. The creation time for my example suggests that, too - it was written, on my machine, by a program running on my machine: namely, the acemd program we will have received months ago with our first cuda80 task.

Check it further by all means, but I'd be pretty damn sure it's another proof of the Shakespearean principle: an infinite number of monkeys, using an infinite number of typewriters, will eventually write something that looks like a computer virus

(The file in question is restart.idx, which is the part of the checkpoint the app makes frequently)

Have you submitted it to https://www.virustotal.com/#/home/upload for a second (multiple) opinion?

This is quite futile for two reasons:
1. The content of this file is changing, so the submitted sample will be different from what the original AV checked.
2. If it has the same content then the same algorithm (pattern recognition, heuristics, AI) of different AV will detect the same threat.

The practice of checking a file in question with multiple AV is ambiguous in general because in most cases it could give both positive and negative results, so it depends on the user which one to believe. (The most of AV softwares use a common database for pattern recognition.)

... but I'd be pretty damn sure it's another proof of the Shakespearean principle: an infinite number of monkeys, using an infinite number of typewriters, will eventually write something that looks like a computer virus

I agree: this is a false positive.

Please let me know if anyone else has received this virus.

I've had similar virus warning this morning.
Your is Cloxer.D!cl
Mine is Cloxer.A!cl
BTW if I check the file (restart.idx) now, it won't detect any threat in it.
Accidentally I have two AV on my hosts; but only Microsoft's builtin AV finds this trojan in this file, my other AV (Malwarebyte's Antimalware) does not. (perhaps MSAV quarantined the file before the other AV could check it.)