AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 . . . 7 · Next

AuthorMessage
Eric KorpelaProject Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1203
Credit: 17,404,863
RAC: 7,420
United States
Message 1373820 - Posted: 30 May 2013, 21:16:45 UTC - in response to Message 1373814.  
Last modified: 30 May 2013, 21:19:10 UTC

I wonder if it's only a problem when it scans the in memory copy when it is running. And if the exceptions list is based on the in memory footprint, it may be excepted. Does the original fail to scan on your AVG13?

http://boinc2.ssl.berkeley.edu/sah/download_fanout/setiathome_7.00_windows_intelx86.exe


@SETIEric

ID: 1373820 · Report as offensive
Profile S@NL Blue Angel
Avatar

Send message
Joined: 11 May 03
Posts: 271
Credit: 4,553,017
RAC: 0
Netherlands
Message 1373859 - Posted: 30 May 2013, 22:26:55 UTC - in response to Message 1373820.  

I have Trend Virus scan the best there is!!


ID: 1373859 · Report as offensive
Horacio

Send message
Joined: 14 Jan 00
Posts: 536
Credit: 75,967,266
RAC: 0
Argentina
Message 1373868 - Posted: 30 May 2013, 22:42:07 UTC

The linked files on previous posts and also the executable and library files downloaded from main for the CPU don't trigger any warning neither with the free version of Avast neither with the last Norton Antivirus...

The only warning in all cases was from MS Internet Explorer saying that the files were not commonly downloaded so it suggested to delete them, but as BOINC dont need a browser to download the files this should not be an issue... (even when the wording of the warning was really frightening LOL)


ID: 1373868 · Report as offensive
Eric KorpelaProject Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1203
Credit: 17,404,863
RAC: 7,420
United States
Message 1373895 - Posted: 30 May 2013, 23:20:48 UTC - in response to Message 1373859.  

I have Trend Virus scan the best there is!!


Never tried it. I was only talking about the false positives from their FakeAV detector.
@SETIEric

ID: 1373895 · Report as offensive
spyregyre

Send message
Joined: 25 Aug 01
Posts: 3
Credit: 18,199,398
RAC: 0
United States
Message 1373905 - Posted: 30 May 2013, 23:55:17 UTC

I just had both the stable and development version trigger AVG. My question is how to turn or exception boinc from AVG.

thanks.


ID: 1373905 · Report as offensive
Eric KorpelaProject Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1203
Credit: 17,404,863
RAC: 7,420
United States
Message 1373917 - Posted: 31 May 2013, 0:27:30 UTC - in response to Message 1373905.  

If it's like 2012, open the AVG interface, select AntiVirus and then click manage exceptions. Add your BOINC/projects/setiathome.berkeley.edu directory to the list of exceptions. That directory will probably either be C:\Program Data\BOINC\projects\setiathome.berkeley.edu or C:\Users\YourUsername\Program Data\BOINC\projects\setiathome.berkeley.edu

There also may be a way to mark programs as exception from the quarrantine list, but I don't have a way to check that.


@SETIEric

ID: 1373917 · Report as offensive
john
Avatar

Send message
Joined: 18 Sep 08
Posts: 2
Credit: 884,166
RAC: 17
United States
Message 1373926 - Posted: 31 May 2013, 1:07:52 UTC

avg has become well known for embarassing false positives.stopped using it years ago for that and many other reasons

ID: 1373926 · Report as offensive
ph.gsc.sevilla.larry

Send message
Joined: 13 Mar 12
Posts: 5
Credit: 3,470,581
RAC: 6,151
Philippines
Message 1373934 - Posted: 31 May 2013, 2:00:20 UTC

Avast: No Threat Found

I had BAD experiences with AVG, years ago.

ID: 1373934 · Report as offensive
DarkStar

Send message
Joined: 31 Jan 00
Posts: 2
Credit: 22,494,356
RAC: 8,021
United States
Message 1373954 - Posted: 31 May 2013, 3:13:31 UTC

Resident Shield in AVG 2012 identifies boinc.exe as a virus. I have seen it only on one computer with 2012 as of yet. Log follows.
Take care!

Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 11:01:54 PM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 7:22:22 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 4:18:57 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 2:29:38 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe";"Infected";"05/30/2013, 1:41:08 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 1:26:52 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setigraphics_7.00_windows_intelx86.exe";"Infected";"05/30/2013, 1:25:54 AM";"file";"C:\Program Files\BOINC\boinc.exe"


ID: 1373954 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 571
Credit: 64,164,470
RAC: 11,810
Finland
Message 1373978 - Posted: 31 May 2013, 4:20:54 UTC - in response to Message 1373693.  

If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe
and scan it with your virus scanner to see if it reports a problem with the uncompressed file?

And if that checks out, try to scan a recompressed version, just to be sure. http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_repacked.exe


No problem with those files.

ID: 1373978 · Report as offensive
Eric KorpelaProject Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1203
Credit: 17,404,863
RAC: 7,420
United States
Message 1373980 - Posted: 31 May 2013, 4:38:17 UTC - in response to Message 1373954.  

Resident Shield in AVG 2012 identifies boinc.exe as a virus. I have seen it only on one computer with 2012 as of yet. Log follows.


Yes, that's looks like a misidentification of the UPX compression method as a virus, probably because the in-memory image doesn't match the file on disk. I've contacted AVG. Hopefully they'll respond.
@SETIEric

ID: 1373980 · Report as offensive
Profile W.B. Cheney, III

Send message
Joined: 25 Feb 01
Posts: 4
Credit: 526,218
RAC: 396
Message 1373991 - Posted: 31 May 2013, 5:13:40 UTC

I have been running AGV Business Suite for 4 years and running BOINC longer than that. I have never had any problem and I am running Cosmology, Einstein, and SETI. I am using Windows 7, on a HP Pavilion m6-1045dx.


ID: 1373991 · Report as offensive
neuronics

Send message
Joined: 21 May 99
Posts: 1
Credit: 7,502,575
RAC: 4,482
Canada
Message 1373992 - Posted: 31 May 2013, 5:13:58 UTC

No issue here !


ID: 1373992 · Report as offensive
Profile S@NL Blue Angel
Avatar

Send message
Joined: 11 May 03
Posts: 271
Credit: 4,553,017
RAC: 0
Netherlands
Message 1374035 - Posted: 31 May 2013, 6:46:09 UTC
Last modified: 31 May 2013, 6:55:10 UTC

I am afraid the program catch a real virus in Boinc
But not on my computer, cause when it had a virus
Trend block the program right away, this system
Even give notice met when I come on a dangerous website.
With..leave the website cause this is dangerous.
Even the smallest male ware it catch that also.
I have to buy this Trend virus scan, but its
Word the money believe me! Trend has also a business
Virus scan for larger computers, maybe you better
Try that. I don't believe in AVG no more for a long time.
But anyway I still don't get work, the download fail
nothing is been send from your server?


http://download.cnet.com/Trend-Micro-Titanium-AntiVirus-Plus-2013/3000-18510_4-10440657.html


ID: 1374035 · Report as offensive
Profile Wiggo "Socialist"
Avatar

Send message
Joined: 24 Jan 00
Posts: 10531
Credit: 135,380,570
RAC: 39,465
Australia
Message 1374060 - Posted: 31 May 2013, 7:26:16 UTC - in response to Message 1374035.  

I've been running AVG for well over 11yrs now and I have never had this happen yet on any of my rigs (present or past) so it has me puzzled (not all that hard to do at times) as to why some do.

Cheers.

ID: 1374060 · Report as offensive
Profile S@NL Blue Angel
Avatar

Send message
Joined: 11 May 03
Posts: 271
Credit: 4,553,017
RAC: 0
Netherlands
Message 1374061 - Posted: 31 May 2013, 7:27:10 UTC - in response to Message 1373693.  

The Explorer can't find the url of download Boinc 7 for windows?
Don't get me wrong but I do need some New Work.


ID: 1374061 · Report as offensive
Profile ivan
Volunteer tester
Avatar

Send message
Joined: 5 Mar 01
Posts: 780
Credit: 232,635,410
RAC: 81,864
United Kingdom
Message 1374082 - Posted: 31 May 2013, 7:46:05 UTC - in response to Message 1374061.  
Last modified: 31 May 2013, 7:48:56 UTC

The Explorer can't find the url of download Boinc 7 for windows?
Don't get me wrong but I do need some New Work.

I'm having a similar problem at the moment, three files not downloading.
(setiathome_7.00_windows, setigraphics, and libfftw3f-3-3-_upx.dll)
[Edit] Actually, also a lot of task files showing up as Downloading in the tasks window, but making no appearance at all in the transfer window... [/e]

ID: 1374082 · Report as offensive
kittymanProject Donor
Volunteer tester
Avatar

Send message
Joined: 9 Jul 00
Posts: 45916
Credit: 815,227,403
RAC: 124,856
United States
Message 1374083 - Posted: 31 May 2013, 7:48:45 UTC - in response to Message 1374082.  

The Explorer can't find the url of download Boinc 7 for windows?
Don't get me wrong but I do need some New Work.

I'm having a similar problem at the moment, three files not downloading.
(setiathome_7.00_windows, setigraphics, and libfftw3f-3-3-_upx.dll)

Still going on, eh?

Give it time.

All my rigs were in the same trouble, and I went to sleep on it.

In the morning all had cleared.

In addition, Eric made an adjustment to the download servers.

See additional info in the v7 rollout thread.

Where...chuckle.....you should be posting this in the first place, not a news thread.
Cats.....what more does one need?

Have made friends in this life.
Most were cats.

ID: 1374083 · Report as offensive
Cornelis Rison

Send message
Joined: 16 Mar 02
Posts: 1
Credit: 1,743,816
RAC: 1,393
Germany
Message 1374141 - Posted: 31 May 2013, 9:38:50 UTC

Ive checked the files "boinc_7.0.64_windows_intelx86.exe" and "setiathome_7.00_windows_intelx86_repacked.exe" with AVG 2013. With both of them there were no problems!! ;-))


ID: 1374141 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 571
Credit: 64,164,470
RAC: 11,810
Finland
Message 1374152 - Posted: 31 May 2013, 9:56:07 UTC - in response to Message 1373678.  

Same problem with Avira Antivirus Free:


No problems with

Product version 13.0.0.3640 18.4.2013
Search engine 8.02.12.50 27.5.2013
Virus definition file 7.11.81.236 31.5.2013
Control Center 13.06.00.1194 7.5.2013
Config Center 13.06.00.1246 7.5.2013
Luke Filewalker 13.06.00.1262 7.5.2013
Real-Time Protection 13.06.00.778 2.4.2013
Filter 13.05.01.10 2.4.2013
Web Protection 13.06.07.1236 7.5.2013
Scheduler 13.06.00.778 2.4.2013
Updater 13.06.14.1262 7.5.2013
Rootkits Protection 13.05.01.05 2.4.2013
Local Decider 13.06.02.1262 7.5.2013

ID: 1374152 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 . . . 7 · Next

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows


 
©2016 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.