Scan says Virus and On-Demand Scan says No Virus

A back-up folder created on 2013-01-04 was flagged as having a virus. This folder has been scanned many times by Norton and this is the first notification I've received. When I did an On-Demand Scan it says there are zero risks. Is this an issue with Norton? Which do I believe?

 

Screen shot of messages - https://www.dropbox.com/s/a83g75nib27rkxt/Screenshot%202014-03-19%2015.33.36.png

Thanks for being honest. :D I will try MalwareBytes. It may be tomorrow before I report back.

Hi
Yes please post back as soon as you can!
And don’t forget to check here every now and again just incase anyone posts insightful information about your problem!

Good luck!
Regards

A back-up folder created on 2013-01-04 was flagged as having a virus. This folder has been scanned many times by Norton and this is the first notification I've received. When I did an On-Demand Scan it says there are zero risks. Is this an issue with Norton? Which do I believe?

 

Screen shot of messages - https://www.dropbox.com/s/a83g75nib27rkxt/Screenshot%202014-03-19%2015.33.36.png

Installed and updated Malwarebytes. MalwareBytes didn't find anything in the folder that Norton flagged. I also scanned the entire drive with Norton and MalwareBytes. No issues were found by either.

Not sure why I didn't check earlier, looked up Suspicious.Cloud.5 virus - http://www.symantec.com/security_response/writeup.jsp?docid=2010-090200-2232-99 

Discovered: September 1, 2010

Type: Trojan, Virus
"Suspicious.Cloud.5 is a detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers."

Reading the first paragraph in the Technical Details tab it sounds like Suspicious.Cloud.5 is part of Symantec's products.

Unless I'm missing something, Suspicious.Cloud.5 is a part of Norton products so it wants me to remove a part of itself.

Hi. HeartThrobs. Suspicious.Cloud.5 is not part of Symantec. It is however detected by Norton sometimes if a site has been compromised. It is possibly a false positive, and you can submit it to Symantec, if you wish.

 

Details are here.    http://community.norton.com/t5/Announcements/How-to-report-false-positives/m-p/225309#M19

 

Quads has added some more info for you.

 

No it is not detecting itself, it is a detection name for Norton / Symantec products, but that does not mean it is detecting itself, as seen by the path location.

 

The File detected is inside a backup set zip archive and the file cannot be deleted from inside an archive, The archive looks like is also (as i can't see the full size image) on another backup partition or drive (E:\)

 

There are a couple of reasons why a scan you have done with Norton has come back clean.  But if you open the zip archive and delete the offending file and then close the .zip archive or delete the zip archive from your computer the file inside will be gone.

 

After or if you have already deleted the zip archive then you have to clear the Unresolved Threats listings otherwise Norton can keep reminding the user of the unresolved lising even though the file is gone.

 

The user used Dropbox to upload screenshots not that dropbox is infected, Dropbox is OK I have clicked the link.

 

I have had to deal with removing backup sets in the past due to them also have the malware or PUP's inside, that is just the way it goes

 

 

Quads

Thanks everyone for your help!