VIRUS ALERT! ???

Message boards : Number crunching : VIRUS ALERT! ???

Dave Barstow
Joined: 14 May 99
Posts: 76
Credit: 15,064,044
RAC: 0
Philippines
Message 1081974 - Posted: 27 Feb 2011, 9:31:24 UTC

Renocide.gen!G

Category: Worm

Description: This program is dangerous and self-propagates over a network connection.

Recommended action: Remove this software immediately.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Items:
file:C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\06no10ad.29815.22153.7.10.73


Got this message today and removed the file manually since even though the anti-virus program said it was removed, it was still there.
ID: 1081974 · Report as offensive
-BeNt-
Joined: 17 Oct 99
Posts: 1234
Credit: 10,116,112
RAC: 0
United States
Message 1081978 - Posted: 27 Feb 2011, 9:35:15 UTC
Last modified: 27 Feb 2011, 9:36:30 UTC

I believe you may have gotten a false positive. I would think these are compressed format files which a virus can not be attached to, could be wrong on that though. Did your machine redownload the same WU by any chance? Next time something like that happens upload the file to a website like http://virusscan.jotti.org/en and see what the other engines think.
Traveling through space at ~67,000mph!
ID: 1081978 · Report as offensive
Helli_retiered
Volunteer tester
Joined: 15 Dec 99
Posts: 707
Credit: 108,785,585
RAC: 0
Germany
Message 1081981 - Posted: 27 Feb 2011, 9:38:48 UTC
Last modified: 27 Feb 2011, 9:41:20 UTC

Normally he will get this Virus.. err...Workunit back via Resent lost Workunit. hehe

No, seriously - I think also this is a kind of false positive. ;-)

Helli
A loooong time ago: First Credits after SETI@home Restart
ID: 1081981 · Report as offensive
Dave Barstow
Joined: 14 May 99
Posts: 76
Credit: 15,064,044
RAC: 0
Philippines
Message 1081985 - Posted: 27 Feb 2011, 9:44:22 UTC - in response to Message 1081978.  

Thanks for responding... I also suspect that it was a false-positive, but better safe than sorry.

I also thought it would be prudent to let others here know... just in case...

It also seemed odd, that since I have been running S&H, I have never had this occur before.
ID: 1081985 · Report as offensive
52 Aces
Joined: 7 Jan 02
Posts: 497
Credit: 14,261,068
RAC: 67
United States
Message 1081990 - Posted: 27 Feb 2011, 9:50:52 UTC - in response to Message 1081981.  
Last modified: 27 Feb 2011, 9:51:27 UTC

Sounds like the "Independence Day" virus authored by Jeff Goldblum .. sorry, I couldn't resist.

Sooner or later a WU was bound to have the arbitrary characters of a virus signature ... nonetheless, it is a false positive since it's not executable code.

.. but if it really keeps you up at night, select the WU in Boinc, select Abort, double check that's the one ya wanna nix, and click ok. I'll crunch it if you won't ;-)
ID: 1081990 · Report as offensive
soft^spirit
Joined: 18 May 99
Posts: 6497
Credit: 34,134,168
RAC: 0
United States
Message 1081992 - Posted: 27 Feb 2011, 9:53:09 UTC

There looked to be some "compromised" DNS servers a few days ago.. so anything is possible. I agree on the "better safe than sorry" philosophy.
Janice
ID: 1081992 · Report as offensive
kittyman
Volunteer tester
Joined: 9 Jul 00
Posts: 51468
Credit: 1,018,363,574
RAC: 1,004
United States
Message 1082008 - Posted: 27 Feb 2011, 10:50:33 UTC

I really have to follow this lead.....

May take me a long ways from here.

So, follow me if you dare......

Politics.......

See ya there.

Meow now.
"Freedom is just Chaos, with better lighting." Alan Dean Foster

ID: 1082008 · Report as offensive
Odysseus
Volunteer tester
Joined: 26 Jul 99
Posts: 1808
Credit: 6,701,347
RAC: 6
Canada
Message 1082014 - Posted: 27 Feb 2011, 11:26:38 UTC - in response to Message 1082007.  

Anybody got a bead on who the lead singer was?
Or 'where is she now'?

Her name was Mariska Veres; she died of cancer in 2006.

ID: 1082014 · Report as offensive
kittyman
Volunteer tester
Joined: 9 Jul 00
Posts: 51468
Credit: 1,018,363,574
RAC: 1,004
United States
Message 1082020 - Posted: 27 Feb 2011, 11:46:37 UTC - in response to Message 1082014.  

Anybody got a bead on who the lead singer was?
Or 'where is she now'?

Her name was Mariska Veres; she died of cancer in 2006.

Sorry to hear that, but thanks for the closure.


Thank you.
"Freedom is just Chaos, with better lighting." Alan Dean Foster

ID: 1082020 · Report as offensive
Fred J. Verster
Volunteer tester
Joined: 21 Apr 04
Posts: 3252
Credit: 31,903,643
RAC: 0
Netherlands
Message 1082026 - Posted: 27 Feb 2011, 12:46:48 UTC - in response to Message 1082020.  
Last modified: 27 Feb 2011, 13:24:07 UTC

It was a Dutch Band, in the late 60's and seventies, called Shocking Blue, I've seen them play before their first 'hit single', on an isle in the North of the Netherlands, Ameland.

Nice memories and a long time ago, about 40 years.
(And some more names pop up, like Captain Beefheart (Don van Vliet) and his Magic Band, Jethro Tull, Tiny Tim, Jefferson Airplane, Frank Zappa, etc. :) )

But back on topic, you can exclude the BOINC Projects Folder from a virus scan.
ID: 1082026 · Report as offensive
Raistmer
Volunteer developer
Volunteer tester
Joined: 16 Jun 01
Posts: 6325
Credit: 106,370,077
RAC: 121
Russia
Message 1082118 - Posted: 27 Feb 2011, 18:09:52 UTC - in response to Message 1081974.  


Got this message today and removed the file manually since even though the anti-virus program said it was removed, it was still there.


Much better if you would remove the SETI project directory from the AV scan paths.
It will increase your PC speed and save you from high blood pressure from such false alarms.
A WU contains data, it's not executable. Roughly it's the same as finding a worm inside a WAV file...
ID: 1082118 · Report as offensive
ML1
Volunteer moderator
Volunteer tester
Joined: 25 Nov 01
Posts: 20289
Credit: 7,508,002
RAC: 20
United Kingdom
Message 1082181 - Posted: 27 Feb 2011, 22:00:30 UTC - in response to Message 1081974.  
Last modified: 27 Feb 2011, 22:02:13 UTC

Renocide.gen!G

Category: Worm

Description: This program is dangerous and self-propagates over a network connection.

Recommended action: Remove this software immediately.

[...]
Items:
file:C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\06no10ad.29815.22153.7.10.73


Got this message today and removed the file manually...


Oh... One of those Microsoft Windows things...

There's enough random data from s@h (and any other project) that you are very likely to get a false positive detection from a virus scanner at some time or other. Best is to exclude the Boinc data folders from the virus scanning. Should speed up your processing a little due to removing a little unnecessary wasted overhead.


I run all my machines with no virus scanner at all. Some hosts don't even need or run a firewall either.

Happy clean fast crunchin',
Martin
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 1082181 · Report as offensive
John McLeod VII
Volunteer developer
Volunteer tester
Joined: 15 Jul 99
Posts: 24806
Credit: 790,712
RAC: 0
United States
Message 1083134 - Posted: 3 Mar 2011, 5:25:46 UTC - in response to Message 1081974.  

Renocide.gen!G

Category: Worm

Description: This program is dangerous and self-propagates over a network connection.

Recommended action: Remove this software immediately.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Items:
file:C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\06no10ad.29815.22153.7.10.73


Got this message today and removed the file manually since even though the anti-virus program said it was removed, it was still there.

That is a data file, and since the contents are fairly random, you are going to get an occasional hit if all files are scanned. Nothing in the file is executed - ever.


BOINC WIKI
ID: 1083134 · Report as offensive
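
Added example, not part of any post in this thread and not BOINC or SETI@home code: a small Python triage helper that tests the claim made above that a flagged file is plain data, by checking whether its header is one an OS loader or interpreter would run, and that lists any such files in a folder before that folder is excluded from scanning. The sample byte strings are constructed, and the 4096-byte header read is an assumption that suits typical PE files.

```python
import hashlib
import os
import struct

def executable_kind(data: bytes):
    """Return 'PE', 'ELF' or 'script' if data starts like a runnable file, else None."""
    if data[:4] == b"\x7fELF":
        return "ELF"
    if data[:2] == b"#!":
        return "script"
    if data[:2] == b"MZ" and len(data) >= 0x40:
        # "MZ" alone can occur by chance in data; a real PE also carries
        # "PE\0\0" at the offset stored in the DOS header field at 0x3C.
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        if data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
            return "PE"
    return None

def triage(data: bytes) -> dict:
    """Summarise a flagged file: hash for cross-checking, size, header verdict."""
    kind = executable_kind(data)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "size": len(data),
        "executable_kind": kind,
        "verdict": "investigate" if kind else "data header; confirm with a second scanner",
    }

def executables_under(folder: str, head: int = 4096) -> list:
    """List (path, kind) for files under folder whose first `head` bytes look runnable."""
    hits = []
    for root, _dirs, names in os.walk(folder):
        for name in names:
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                kind = executable_kind(fh.read(head))
            if kind:
                hits.append((path, kind))
    return sorted(hits)

# Constructed samples (not real work units or binaries).
SAMPLE_DATA = bytes((i * 37 + 11) % 256 for i in range(4096))
SAMPLE_MZ_ONLY = b"MZ" + bytes(range(2, 0x80))   # starts "MZ" by coincidence only
SAMPLE_PE = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\x00\x00"

if __name__ == "__main__":
    print(triage(SAMPLE_MZ_ONLY)["verdict"], "|", triage(SAMPLE_PE)["verdict"])
```

A `None` result means only that the file would not be loaded as a program directly; the SHA-256 lets the same file be compared against a second scanner's verdict, as suggested earlier in the thread.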
-BeNt-
Joined: 17 Oct 99
Posts: 1234
Credit: 10,116,112
RAC: 0
United States
Message 1083168 - Posted: 3 Mar 2011, 9:58:29 UTC
Last modified: 3 Mar 2011, 10:01:30 UTC

Steps of using a forum:
#1 Read the thread, not just the first post. At least scan the entire thread.
#2 Has anyone already said what you plan on saying or has it not been covered?
#3 If it has already been covered, discussed, passed out, hinted on etc there is no need for your post. However if it hasn't been go to step #4.
#4 Post your helpful thought and progress the discussion.
Traveling through space at ~67,000mph!
ID: 1083168 · Report as offensive
