Questions and Answers :
Windows :
VIRUS IN THE PROJECTS
Message board moderation
Previous · 1 · 2
Author | Message |
---|---|
pabla Send message Joined: 8 Jul 12 Posts: 2 Credit: 0 RAC: 0 |
BilBG, I must apologize, I forgot to mention: I am using Avira free Antivirus. |
Jord Send message Joined: 9 Jun 99 Posts: 15184 Credit: 4,362,181 RAC: 3 |
So do I, but mine doesn't find anything in the file. I downloaded it specifically, since I'm using optimized applications. Avira Version information: BUILD.DAT : 12.0.0.1125 AVSCAN.EXE : 12.3.0.15 VBASE031.VDF : 7.11.35.128 64000 Bytes 8-7-2012 21:27:58 Configuration settings for the scan: Jobname.............................: ShlExt Configuration file..................: C:\Users\Ageless\AppData\Local\Temp\3a632566.avp Logging.............................: default Primary action......................: Interactive Secondary action....................: Ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: P:, Process scan........................: off Scan registry.......................: off Search for rootkits.................: off Integrity checking of system files..: off Scan all files......................: Intelligent file selection Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: extended Skipped files.......................: D:\BOINC613\*, D:\Crytek\Crysis 2\bin32\Crysis2.exe, D:\Crytek\Crysis 2\bin32\Crysis2Launcher.exe, E:\Crytek\*, k:\*.*, P:\ProgramData\*, Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR, Start of the scan: maandag 9 juli 2012 22:53 Starting the file scan: Begin scan in 'P:\ProgramData\ap_graphics_6.01_windows_intelx86.exe' End of the scan: maandag 9 juli 2012 22:53 Used time: 00:00 Minute(s) The scan has been done completely. 0 Scanned directories 2 Files were scanned 0 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 Files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 2 Files not concerned 0 Archives were scanned 0 Warnings 0 Notes Our advice is always to exclude the BOINC Data directory from being scanned by your anti-virus and other anti-malware scanners and only to scan these by hand, after you exited BOINC (or suspended it), to avoid loss of work. As you can see, I have my data directory excluded from being scanned. If you want to do so as well, open Avira, click Realtime Protection, Configuration, Scan, Exceptions, with the ... box search on "File objects to be scanned" (Second option) for your BOINC Data directory (default at C:\Programdata\BOINC\ under Windows Vista and Windows 7), select the BOINC main directory and click Add, click Apply, click OK. |
BilBg Send message Joined: 27 May 07 Posts: 3720 Credit: 9,385,827 RAC: 0 |
Two more Antivirus scan results (nothing found): http://r.virscan.org/report/364572dc4292f30b165afe592eb2a626.html http://virusscan.jotti.org/en/scanresult/f8165a9bc2bcc55cde281bc4089a2af4d6cc348f (Despite using the same Antivirus programs the sites (virustotal.com, virscan.org, virusscan.jotti.org) sometimes give different results probably because they use different settings (e.g. heuristics sensitivity level)) Â - ALF - "Find out what you don't do well ..... then don't do it!" :) Â |
coffee Send message Joined: 18 Feb 12 Posts: 4 Credit: 12,481 RAC: 0 |
Hello there, it seems so. Since several days I got the same message, that there's an update of BOINCE available. Still... when I want to go on reading on my Firefox, the browser says "Sorry, you can't trust this site. It seems to be a faked site!" I didn't download the new version of BOINC. And my e-mail-account, on which I communicate with BOINC, has been attacked the last days! My question now is: is there a new version of BOINC? Here's the link to the site, my Firefox browser says NO to: https://boinc.berkeley.edu/manager_links.php?target=notice&controlid=download Can anybody do something with this? I suggested you, NOT to follow this link! Kind greetings, coffee |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
Hello there, https://boinc.berkeley.edu/manager_links.php?target=notice&controlid=download is the correct URL to get BOINC updates. You can tell it is not fake because it belongs directly to the Berkeley.edu domain. Fake sites would try to fool you with something like Berkeley.edu.net or Berkeley.edu.nl or something like that. When I visit https://boinc.berkeley.edu/manager_links.php?target=notice&controlid=download on Firefox, it does NOT say that it is a fake, it simply says that the site's security certificate cannot be verified through a third party (such as VeriSign), so Firefox says that the secure connection cannot be trusted. The problem is that Berkeley doesn't use a third-party signed certificate - they use a self-signed certificate. The problem stems from the fact that web browsers have no way to verify the authenticity of a self-signed certificate, and many companies and educational facilities do not trust using third-party certificates, so web browsers tell the user that the sites is "untrusted". In this case, it is OK to select "I understand the Risks" and continue on to the BOINC download page. |
Jord Send message Joined: 9 Jun 99 Posts: 15184 Credit: 4,362,181 RAC: 3 |
https://boinc.berkeley.edu/manager_links.php?target=notice&controlid=download Addendum to what (the invisible name guy) said, if you do not want to use the secure connection, you can also use the unsecure download link, at http://boinc.berkeley.edu/download.php, which does the same, really. |
coffee Send message Joined: 18 Feb 12 Posts: 4 Credit: 12,481 RAC: 0 |
Hello, many thanks for your replys! I became unsure, because I got the messages, that there's a new version of BOINC six times (normally a message has only been sent once!). And then Firefox told me, that it might be a faked page, all my bells inside were ringing... ;-) I'm glad, that I can trust in your software... at least! ;-) Especially cause my e-mail-account has been hacked, as I said. The hacker sent mails from my account which I didn't know about... Anyway... can I download the new version while it's still working on wu's? Another question... the last time I downloaded a wu of seti, I received a wu from astropulse. Is astropulse working together with seti? Greetings, coffee |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
Yes, you can update BOINC while you have work in progress. AstroPulse is another form of SETI@Home. Or put another way, SETI@Home has two types of applications: MultiBeam (narrowband) and AstroPulse (broadband). |
coffee Send message Joined: 18 Feb 12 Posts: 4 Credit: 12,481 RAC: 0 |
Thanks for your reply! Better, one time asked too much than one time too less... ;-) Kind regards, coffee |
wmtknox5 Send message Joined: 2 Aug 12 Posts: 1 Credit: 0 RAC: 0 |
Uh, I got a virus warning off the SETI@home project. My Vipre Anti-virus said libfftw3f-3-1-1a_upx.dll contained a known trojan and didn't allow the file to open. To be safe, I uninstalled BOINC & deleted all the files. Any guidance would be much appreciated. Here's the warning. Apologize for this being in XML, but I figure some of you are good enough to read it without too much trouble. <?xml version="1.0" encoding="UTF-16"?> <APEvent SchemaVersion="4.0.0" DefaultConfig="false" EventTypeEnum="2" TimeoutInSeconds="0" MonitorID="2003" MsgID="{055C2E9A-1159-4EE7-8EB6-CA66D7723633}" MonitorTypeEnum="2" RecommendScan="true" SDKVersion="5.2.5162" ThreatDefVersion="12462" APEventID="{D2C90A69-782E-422D-A212-C372A1BC9319}" IsAllowOk="true" IsAllowAlwaysOk="true" IsBlockOk="true" IsBlockAlwaysOk="true" IsQuarantineOk="true" EventActorEnum="2" EventDateTime="2012-08-02T08:59:35" TransactionID=""> <ParentProcess FilePath="C:\Program Files\BOINC\boinc.exe" PID="5128" FileSize="930992" MD5="" CRC8="0B1B05BFA8040000" CobraPackHash="0000000000000000" KnownAsEnum="1" ThreatID="0" AddedToUserKnown="false" Company="Space Sciences Laboratory" FileVersion="7.0.28" ProductName="BOINC client" ProductVersion="7.0.28" Description="BOINC client" Copyright="© 2003-2012 University of California"/> <FileMonitor FilePath="C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-1-1a_upx.dll" MD5="e3d0548010ae1efa62545ac739da4c1d" CRC8="3E3FB975D92A0000" CobraPackHash="0000000000000000" KnownAsEnum="2" ThreatID="4752972" Company="" FileVersion="" ProductName="" ProductVersion="" Description="" Copyright=""/> <FinalDispositionInfo DispositionEnum="2" AuthorityEnum="2" QuarantineStatusCode="1" QID="" UserName="\\FRUGAL\Marketing" ErrorEnum="0"/> </APEvent> |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
Have you tried scanning that file with any of the other online scanners mentioned in this thread? If you had, I'm confident that you'd find the warning to be a false positive. "libfftw3f-3-1-1a_upx.dll" is an open source file and is required to process Fast Fourier Transform functions for SETI@Home. |
©2024 University of California
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.