VIRUS IN THE PROJECTS

Questions and Answers : Windows : VIRUS IN THE PROJECTS
Message board moderation

To post messages, you must log in.

1 · 2 · Next

AuthorMessage
Peter
Avatar

Send message
Joined: 4 May 12
Posts: 22
Credit: 26,746
RAC: 0
United States
Message 1253988 - Posted: 1 Jul 2012, 4:09:42 UTC

I have a problem who ever said that this is virus free. I am sorry but one of the projects I uploaded had a virus, I will have to delete all my projects a signed to me and get new once. After $250.00 a Tech for HP found where it came from and it had seti on it now I will be down at times. So just keep alert and run a virus check on uploaded projects. Just letting everyone know about it. Any question please e-mail me or call.

Peter L
THEY SEE YOU!! LOOK UP!!
ID: 1253988 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1254008 - Posted: 1 Jul 2012, 5:14:16 UTC - in response to Message 1253988.  

There is absolutely no way a virus came from a SETI workunit. Either you had what is known as a false positive or you got your virus elsewhere.

The SETI@Home workunits are not executable data and therefore can never cause harm to your computer.
ID: 1254008 · Report as offensive
Profile skildude
Avatar

Send message
Joined: 4 Oct 00
Posts: 9541
Credit: 50,759,529
RAC: 60
Yemen
Message 1254107 - Posted: 1 Jul 2012, 12:51:24 UTC - in response to Message 1254008.  

There is absolutely no way a virus came from a SETI workunit. Either you had what is known as a false positive or you got your virus elsewhere.

The SETI@Home workunits are not executable data and therefore can never cause harm to your computer.

and further the tech you talked to is probably full of fecal material


In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope
ID: 1254107 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1254287 - Posted: 1 Jul 2012, 18:19:43 UTC - in response to Message 1253988.  


Do you REALLY say that you gave $250 to a 'tech' that tells lies to get your money??

I bet you are using some stupid antivirus (Trend Micro, Comodo, Symantec/Norton)

Scan your file here:
https://www.virustotal.com/
http://virscan.org/

I'm using ESET NOD32 Antivirus 4.2.71.2


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1254287 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15184
Credit: 4,362,181
RAC: 3
Netherlands
Message 1254360 - Posted: 1 Jul 2012, 22:31:18 UTC

Next time spend your money on books like:
The internet for dummies
and
Computer viruses for dummies

That way you save a whole 225 dollars to do fun other things with.

:-)
ID: 1254360 · Report as offensive
Profile Gatekeeper
Avatar

Send message
Joined: 14 Jul 04
Posts: 887
Credit: 176,479,616
RAC: 0
United States
Message 1254361 - Posted: 1 Jul 2012, 22:42:43 UTC

Just FYI, the OP has opened a new thread in "Getting Started", here
ID: 1254361 · Report as offensive
Profile skildude
Avatar

Send message
Joined: 4 Oct 00
Posts: 9541
Credit: 50,759,529
RAC: 60
Yemen
Message 1254630 - Posted: 2 Jul 2012, 18:45:36 UTC

I hope you don't think we were just being jerks.

You never told us what he found or why you needed to completely reformat your HDD and reinstall Windows. That seems a bit extreme or someone is trying to make a bunch of money off of something mundane as a bad driver.


In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope
ID: 1254630 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1254822 - Posted: 3 Jul 2012, 0:43:25 UTC - in response to Message 1254630.  
Last modified: 3 Jul 2012, 0:43:49 UTC

I think it is as simple as a false positive. Likely the Anti-Virus scanner found a string of characters in a SETI@Home workunit that resembled a virus signature (hence a "false positive"), and like most people they freak out whenever a virus alert pops up. The HP tech likely told him the only way to make sure the virus was gone was to erase everything and start from scratch (a practice all to common in IT and it usually comes from IT people who don't understand viruses or computers on a high level).


I wasn't trying to be a jerk at all, just stating in a factual manner that there is no way a virus was found in a SETI@Home workunit.
ID: 1254822 · Report as offensive
Profile skildude
Avatar

Send message
Joined: 4 Oct 00
Posts: 9541
Credit: 50,759,529
RAC: 60
Yemen
Message 1255103 - Posted: 3 Jul 2012, 16:02:52 UTC

Agreed, I just don't want an angry user out there expecting to be laughed at for every question that they bring here.

Though to be honest a complete drive wipe for a false positive virus alert is probably the most extreme example of nukes for mosquito repellent I've seen.


In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope
ID: 1255103 · Report as offensive
rob smith Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer moderator
Volunteer tester

Send message
Joined: 7 Mar 03
Posts: 22149
Credit: 416,307,556
RAC: 380
United Kingdom
Message 1255132 - Posted: 3 Jul 2012, 21:01:50 UTC

It might be extreme, but it isn't the first time,. nor will it be the last. I worked for an IT support company for a short time, and had more than one client refuse to believe that what they were seeing was a false positive, and shouldn't they do something about it. One of the other desk jockeys was prone to say "Well, if you are really not sure this isn't a virus there is only one way to cure it - reformat your hard disk" (he was talking about "curing" the user, not the false positive.... And then hit them with a £10 per MINUTE charge, typical call duration 30 minutes to that point - now that makes 250 dollars sound a real bargain!!

(I would pass my insistent callers over to him, knowing that I would get 60% of the "call fee", while my colleague would get 40%, and I could knock off a few simple calls while he was sorting the awkward one out....)
Bob Smith
Member of Seti PIPPS (Pluto is a Planet Protest Society)
Somewhere in the (un)known Universe?
ID: 1255132 · Report as offensive
John McLeod VII
Volunteer developer
Volunteer tester
Avatar

Send message
Joined: 15 Jul 99
Posts: 24806
Credit: 790,712
RAC: 0
United States
Message 1255207 - Posted: 4 Jul 2012, 0:23:29 UTC

I have one time re-formatted a HD to rid myself of a virus. Notably the time that it installed a rootkit that MalwareBytes could not (at that time) expunge. And yes, I did have my data backed up. Reinstalled all programs from original sources though. It was a pain in the rear.


BOINC WIKI
ID: 1255207 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1256008 - Posted: 5 Jul 2012, 19:09:46 UTC - in response to Message 1255207.  

Sure, as a last resort a re-image (or complete re-install) is necessary. In most cases a virus can be "exterminated" by a decent program, but I prefer removing them manually.
ID: 1256008 · Report as offensive
John McLeod VII
Volunteer developer
Volunteer tester
Avatar

Send message
Joined: 15 Jul 99
Posts: 24806
Credit: 790,712
RAC: 0
United States
Message 1256141 - Posted: 6 Jul 2012, 0:11:30 UTC - in response to Message 1256008.  

Sure, as a last resort a re-image (or complete re-install) is necessary. In most cases a virus can be "exterminated" by a decent program, but I prefer removing them manually.

Root kits can be difficult for a program to exterminate, and next to impossible to squash by hand.


BOINC WIKI
ID: 1256141 · Report as offensive
pabla

Send message
Joined: 8 Jul 12
Posts: 2
Credit: 0
RAC: 0
Germany
Message 1257579 - Posted: 8 Jul 2012, 16:12:08 UTC - in response to Message 1256141.  

Hi guys, I just wanted to report a trojan found in the installation of the seti software. I had just signed up for the project and it was being downloaded by the manager, when it finished downloading some parts, my AV software showed this message:

In der Datei 'C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\ap_graphics_6.01_windows_intelx86.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

sorry for the German, is says in the file"..." a virus or unwanted program"..." was found.

Action: Access denied.

Just letting you know. Thanks.
ID: 1257579 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1257588 - Posted: 8 Jul 2012, 16:47:39 UTC - in response to Message 1257579.  

Pabla,

Please read the rest of this thread. The message you received from your anti-virus program is a false positive.

The reason why your anti-virus thinks p_graphics_6.01_windows_intelx86.exe is a virus is because it consumes all available CPU cycles, which many anti-virus programs think is virus/worm activity.

There is no virus in p_graphics_6.01_windows_intelx86.exe and if you want to crunch, you need to allow the program to execute. In fact, you should create an exception in your anti-virus software allowing all activity to your BOINC Program Data directory (usually C:\ProgramData\BOINC for all Vista and Win7 machines).
ID: 1257588 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15184
Credit: 4,362,181
RAC: 3
Netherlands
Message 1257617 - Posted: 8 Jul 2012, 17:58:55 UTC

Never just only believe your AV scanner. Put the executable into https://www.virustotal.com/ and if it says on most of its 42 scanners that something is wrong, then something may be wrong.

However, the file can also be infected on your machine.

The likelihood that Seti science applications come infected to your machine, is very very very extremely very remote. They're built on a Linux system and distributed from that Linux system. While it's true that there are Linux viruses, the amount of them being around are few, when compared to Windows viruses. And a Windows virus infecting a Linux system would be a first.
ID: 1257617 · Report as offensive
Profile Earthmage
Avatar

Send message
Joined: 27 Mar 12
Posts: 2
Credit: 3,017
RAC: 0
United States
Message 1257620 - Posted: 8 Jul 2012, 18:06:53 UTC

I've had this program running on my computer for a few months, so I'm not certain that the problem I've been having recently is related. However, since the SETI@home is running the entire time my laptop is on, I'm curious to know if anyone else has had the annoying issue where advertisement audio plays without any related windows being opened.

It started maybe in the last few weeks. While going about my business online, something occasionally occurs in which I hear advertisements being played, but have no visuals. Sometimes, I get snippets of songs in the rap, hip-hop, and Mexican genres (none of which are music that I want to hear while I'm surfing the web). It continues after I've completely closed out of any open windows, so I suspect that it may be linked to anything running in the background. I'm no techie here, so I have no idea where to look or even if it's possible that it can somehow be related to the continually running SETI@home program.

If this sounds even remotely familiar to you, or if you have any suggestions for how I might begin figuring out what's going on in order to cease it for good, I would greatly appreciate it.
"Our task must be to free ourselves ... by widening our circle of compassion to embrace all living creatures and the whole of nature and its beauty."--Albert Einstein
ID: 1257620 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1257639 - Posted: 8 Jul 2012, 19:52:29 UTC - in response to Message 1257617.  

And a Windows virus infecting a Linux system would be a first.


Not that uncommon if the Linux system is running WINE. ;-)
ID: 1257639 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1257640 - Posted: 8 Jul 2012, 19:54:41 UTC - in response to Message 1257620.  

I'm curious to know if anyone else has had the annoying issue where advertisement audio plays without any related windows being opened.

It started maybe in the last few weeks. While going about my business online, something occasionally occurs in which I hear advertisements being played, but have no visuals. Sometimes, I get snippets of songs in the rap, hip-hop, and Mexican genres (none of which are music that I want to hear while I'm surfing the web). It continues after I've completely closed out of any open windows, so I suspect that it may be linked to anything running in the background. I'm no techie here, so I have no idea where to look or even if it's possible that it can somehow be related to the continually running SETI@home program.


That sounds like a web browser add-on, possibly installed via another piece of software (they like to tack on all sorts of crappy add-ons). I would start by going through all of your web browser add-ons and disabling any unfamiliar ones to see if the problem goes away.

BTW - This is also definitely not caused by SETI@Home.
ID: 1257640 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1257824 - Posted: 9 Jul 2012, 2:24:53 UTC - in response to Message 1257579.  

Hi guys, I just wanted to report a trojan found in the installation of the seti software. I had just signed up for the project and it was being downloaded by the manager, when it finished downloading some parts, my AV software showed this message:

In der Datei 'C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\ap_graphics_6.01_windows_intelx86.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

sorry for the German, is says in the file"..." a virus or unwanted program"..." was found.

Action: Access denied.

Just letting you know. Thanks.

"my AV software" is not at all informative, which is this strange antivirus?
(TrendMicro have habit of giving such false positives, and before my scan bellow
TrendMicro was marking (last scan result was a month ago) the http://boinc2.ssl.berkeley.edu/sah/download_fanout/ as 'Malicious site'!?)

NONE of the antivirus programs (Detection ratio: 0 / 42) gives any warning about:
http://boinc2.ssl.berkeley.edu/sah/download_fanout/ap_graphics_6.01_windows_intelx86.exe
https://www.virustotal.com/file/6be058f0ac2997fba8d37445d268b3efccd54a64f9b2b35fe4478e6300a39d41/analysis/1341799812/


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1257824 · Report as offensive
1 · 2 · Next

Questions and Answers : Windows : VIRUS IN THE PROJECTS


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.