AVG 2013 virus scanner false positive on SETI@home 7 for Windows


log in

Advanced search

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Previous · 1 . . . 3 · 4 · 5 · 6 · 7 · Next
Author Message
ClaggyProject donor
Volunteer tester
Send message
Joined: 5 Jul 99
Posts: 4209
Credit: 34,469,766
RAC: 18,422
United Kingdom
Message 1381599 - Posted: 15 Jun 2013, 20:46:51 UTC - in response to Message 1381595.

DR.KORPELA,MY COMPUTER IS STILL HAVING TROUBLE RUNNING SETI@HOME PROGRAMS.LOUIS M.EASTON.

All your results completed O.K, what is the nature of your computer's problems?

All tasks for computer 6568745

Claggy

rob smithProject donor
Volunteer tester
Send message
Joined: 7 Mar 03
Posts: 8734
Credit: 61,635,771
RAC: 49,090
United Kingdom
Message 1381758 - Posted: 16 Jun 2013, 7:49:32 UTC

Stop shouting.
Eric works hard, very hard, and does so Monday to Friday. So either move your question into the "number crunching" part of the forum, or wait for Eric to respond.
____________
Bob Smith
Member of Seti PIPPS (Pluto is a Planet Protest Society)
Somewhere in the (un)known Universe?

Mark Sager
Send message
Joined: 15 Jul 12
Posts: 3
Credit: 1,474,786
RAC: 0
United States
Message 1382146 - Posted: 17 Jun 2013, 15:34:39 UTC

i just got the avg error on one of my boxes, then i added the execeptions rule to avg for boinc, and then restarted the boinc client. and it error out all projects. im trying a clean install now. Are we sure the virus scanner is false?

Profile BilBg
Volunteer tester
Avatar
Send message
Joined: 27 May 07
Posts: 2879
Credit: 6,453,015
RAC: 2,878
Bulgaria
Message 1382155 - Posted: 17 Jun 2013, 16:06:54 UTC - in response to Message 1382146.
Last modified: 17 Jun 2013, 16:15:41 UTC

Are we sure the virus scanner is false?

Yes

Check (click) the links in these posts:
http://setiathome.berkeley.edu/forum_thread.php?id=71784&postid=1373741#1373741

http://setiathome.berkeley.edu/forum_thread.php?id=71784&postid=1374180#1374180

Also this (Detection ratio: 0/47 for setiathome_7.00_windows_intelx86.exe):
https://www.virustotal.com/en/file/eb48e373ef5d59bc018ef687388cae5e824bc1dc09b1549eb95ddae5efbcbac0/analysis/


If you want - send your copy of setiathome_7.00_windows_intelx86.exe (or any other file you have doubt about):
https://www.virustotal.com/en/


____________



- ALF - "Find out what you don't do well ..... then don't do it!" :)

Mark Sager
Send message
Joined: 15 Jul 12
Posts: 3
Credit: 1,474,786
RAC: 0
United States
Message 1382156 - Posted: 17 Jun 2013, 16:13:55 UTC

i did a clean install and now all seems to be ok. But now i have like 8 error while computings and about 20 abandoned tasks for this fathersday task. so i hope it dont make people too mad about recrunching some of my tasks.

Profile Ageless
Avatar
Send message
Joined: 9 Jun 99
Posts: 12393
Credit: 2,666,323
RAC: 958
Netherlands
Message 1382508 - Posted: 18 Jun 2013, 19:57:06 UTC
Last modified: 18 Jun 2013, 19:58:17 UTC

Today I've been installing and uninstalling, and rebooting Windows a lot due to me writing a FAQ on how to add the BOINC Data directory as an exclusion to various antivirus products, both free and paid versions that I got trials for. Early in the morning I started off with making a Windows 7 Ultimate 64bit SP1 virtual machine in Virtual Box. Initial VM was 100GB, and it was allowed to use up to 6GB RAM. The only Windows Update I had allowed through was the English language pack (163MB).

Packages I tested were: Adaware Antivirus, Avast Free 2013, AVG Free 2013, Bitdefender Security, Comodo Antivirus, ClamWin, Eset NOD32 2013, Micrososft Security Essentials, Panda Cloud, Kapersky Pure 3.0, Norton 360 2013, McAffee 2013, Rising antivirus, Trend Micro 6.0 and Zone Alarm 2012.

Glad too that I use a VM, because upon uninstallation of Zone Alarm, Norton, McAffee, Comodo AND Trend Micro did Windows hang, and after a hard reboot of the VM had I lost the Windows boot loader, or worse. Zone Alarm was the worst, here I had to reinstall the VM, as even Windows recovery system couldn't fix Windows. DO NOT USE ZONE ALARM!

Bitdefender is the slowest installer of all, it took me 1.5 hours of installing. The initial installer goes through a scan of your system, then it downloads the package and definitions, then it does the install and then it scans again. Even on a 100Mbit connection that Virtual Box can use, the download speeds didn't get above 5KB/sec. !!
Uninstalling goes a lot quicker, though!

Upon uninstalling Trend Micro I noticed that my system was crawling at a snail's pace. Checking Processes, I found the VM was using the full 6GB of memory, meaning that in total I was using 7.43GB of my 8GB RAM. And thus swapping a lot to page file! None of the AVs before that had done this.

Comodo has gone quickly from a nice, quick, free package to a bloatware package. Not only does it install 6 different packages onto your system, when you go uninstall it, you have to do the other 5 by hand, and only after we done the initial reboot. And then you have to wait and see if your Windows loads after each reboot.

Norton has a special uninstaller that it needs to download first, then it'll uninstall parts of the AV, while in the mean time installing other crap that you then have to uninstall separately and reboot for. I feel pity for the people that must run this piece of crap.

At the end of each install & update cycle, I scanned my BOINC Data directory with all of these AVs, and none of them found anything wrong with anything in the directory. Not with Seti, not with Einstein, not with any of the 50 project directories in there.

After uninstalling all Avs, I found that each and every one of them had left crap behind in the Programdata, Program Files and Program Files (x86) directories. Up to 15GB worth of crap. The Windows VM that had started at 100GB, had grown to 117GB at the end of the install/uninstall cycle.
____________
Jord

Fighting for the correct use of the apostrophe, together with Weird Al Yankovic

Alinator
Volunteer tester
Send message
Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 1382513 - Posted: 18 Jun 2013, 20:06:20 UTC - in response to Message 1382508.
Last modified: 18 Jun 2013, 20:10:37 UTC

LOL...

I guess they figured that if sloppy programming, packaging, and excessive bloat was good enough for Microsoft, it's good enough for them!

I imagine this exercise was enough to satisfy all your masochistic needs for the rest of the year! :-D

Profile Blurf
Volunteer tester
Send message
Joined: 2 Sep 06
Posts: 7615
Credit: 7,026,750
RAC: 1,222
United States
Message 1382523 - Posted: 18 Jun 2013, 20:26:03 UTC

Please post all troubleshooting concerns in the Number Crunching thread-not this one. Thank you.
____________


Profile William Michael Johnson
Send message
Joined: 26 Apr 00
Posts: 3
Credit: 6,619,218
RAC: 0
United States
Message 1383545 - Posted: 22 Jun 2013, 2:18:51 UTC

Have done everything I know and have been told to do about this problem, but it keeps deleting my seti project. I have verified that the exception has been added to avg, etc etc etc.
I have (5) old extremes that have been running seti for the last couple of years but no longer they have been redirected to MilkyWay until I hear that AVG and Seti are fixed.
____________

boda
Send message
Joined: 16 Jun 00
Posts: 1
Credit: 1,711,987
RAC: 1,464
Luxembourg
Message 1384503 - Posted: 25 Jun 2013, 7:39:36 UTC - in response to Message 1383545.

My AVG2013 does issue an alert against boincmgr.exe and blocks its use unless an exception is created.

It was the Identity Protection module of AVG2013 that assessed boincmgr.exe as being suspicious which leads to the question of what behaviour is that of version 7 that leads to these problems with different AV programs?
____________

Eric KorpelaProject donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar
Send message
Joined: 3 Apr 99
Posts: 1110
Credit: 10,322,585
RAC: 12,469
United States
Message 1384656 - Posted: 25 Jun 2013, 22:20:50 UTC - in response to Message 1384503.
Last modified: 25 Jun 2013, 22:24:43 UTC

For SETI@home 7, we compress the executables and DLLs to save on download bandwidth. AVG and a (very) few other virus scanners consider this technique, which I've been using since 1989, to be "suspicious activity". Since they have a larger customer base than SETI@home does, they don't seem inclined to change their opinion.

I doubt that compression is the issue with the BOINC executable, though. I'm guessing that AVG doesn't like programs that can start and stop system services. Although since it's the identity protection component, it could just be an aversion to numbers. BOINC uploads and downloads a lot of files with numbers in them, and the last 4 digits of your social security number or the last four digits of your credit card number are bound to be in one of them. And BOINC asks you to enter a your password at times. It might be that AVG thinks the BOINC manager is scamming you.
____________

Peter C. Watt
Send message
Joined: 2 Jul 99
Posts: 5
Credit: 1,476,864
RAC: 194
United States
Message 1386937 - Posted: 2 Jul 2013, 23:33:48 UTC

AVG reported suspicious files when I first downloaded Version 7 a few weeks ago, but BOINC ran OK until last night.

Last night, AVG not only flagged the program but disabled it. The BOINC Manager, running SETI@Home and Milkyway@Home is now "not connected to a client". When I try to activate it, Boinc advises something such as to "go into the Control Panel and turn on the Servlet for BOINC". However, the Control Panel in my Windows Vista Home Premium operating system doesn't seem to have those settings.

The BOINC Manager is completely blank in all its screens. How do I reactivate the BOINC program and the projects that I had going? I tried Windows System Restore back to a few hours before the problem, but that didn't fix it.

Any help would be appreciated. Thanks.

-PW
____________

Bob Giel
Volunteer tester
Send message
Joined: 11 Jan 04
Posts: 57
Credit: 5,071,970
RAC: 1,326
United States
Message 1386943 - Posted: 3 Jul 2013, 0:07:33 UTC - in response to Message 1386937.

Go into AVG and create an exception for the BOINC directories.
____________

Peter C. Watt
Send message
Joined: 2 Jul 99
Posts: 5
Credit: 1,476,864
RAC: 194
United States
Message 1387119 - Posted: 3 Jul 2013, 9:03:12 UTC - in response to Message 1386943.

OK, I created some exceptions in AVG. Hope that it was the right ones.

Had to reload the BOINC download to get things going again. So far, so good.

Never had trouble like this before. They may have Jumped The Shark with this Version 7.

Thanks.
____________

Grant (SSSF)
Send message
Joined: 19 Aug 99
Posts: 5917
Credit: 61,700,020
RAC: 25,686
Australia
Message 1387120 - Posted: 3 Jul 2013, 9:07:27 UTC - in response to Message 1387119.

Never had trouble like this before. They may have Jumped The Shark with this Version 7.

The problem is with AVG, not BOINC.

____________
Grant
Darwin NT.

Profile Cliff HardingProject donor
Volunteer tester
Avatar
Send message
Joined: 18 Aug 99
Posts: 1026
Credit: 53,858,594
RAC: 17,726
United States
Message 1387146 - Posted: 3 Jul 2013, 11:56:42 UTC - in response to Message 1373978.
Last modified: 3 Jul 2013, 12:00:13 UTC

If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe
and scan it with your virus scanner to see if it reports a problem with the uncompressed file?

And if that checks out, try to scan a recompressed version, just to be sure. http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_repacked.exe


I d/l'ed these files this morning using the Total Defense Security Suite with no problems. I've been using this software for 25+ years and never had a problem. The A/V and firewall software was initially built by CA Technologies (FKA - Computer Associates) for corporate mainframes. Through demands it was ported down to PCs is the early 80's.

I've tried AVG, Tend Micro, Norton and several others and got too many false errors. Switched back and been there ever since.
____________


I don't buy computers, I build them!!

bill
Send message
Joined: 16 Jun 99
Posts: 861
Credit: 24,148,044
RAC: 2,510
United States
Message 1387163 - Posted: 3 Jul 2013, 13:33:14 UTC - in response to Message 1387119.

False positives are the cause of a broken
anti-virus program. Nothing else.

Profile Cliff HardingProject donor
Volunteer tester
Avatar
Send message
Joined: 18 Aug 99
Posts: 1026
Credit: 53,858,594
RAC: 17,726
United States
Message 1387196 - Posted: 3 Jul 2013, 15:25:55 UTC - in response to Message 1387163.

False positives are the cause of a broken
anti-virus program. Nothing else.


I fully agree, which is why I use this particular software. I cannot ever remember getting any. I've seen corporations switch to Micro-Trend, AVG and others then switch back because of too many network disruptions for this very reason. I have been online from home, inside the firewall, when a company got hit and was not affected other than having to get off because the network went south only to find out it was because of a "broken anti-virus program'.
____________


I don't buy computers, I build them!!

Profile Ageless
Avatar
Send message
Joined: 9 Jun 99
Posts: 12393
Credit: 2,666,323
RAC: 958
Netherlands
Message 1387389 - Posted: 3 Jul 2013, 20:28:13 UTC

For the people wondering about how to add the BOINC Data directory to their anti virus program, see http://boincwiki.mundayweb.com/index.php?title=Add_the_BOINC_Data_directory_to_the_exclusions_of_my_antivirus_program.

For those running Zone Alarm, no it's not there and it won't get there either. Zone Alarm its uninstaller ate the bootloader of the Windows VM that I used. Resulting in me having to reinstall Windows from scratch. Luckily I was using a VM, not my own Windows, but guess what? I won't try ZA anymore either. I can spend my time way better than that.
____________
Jord

Fighting for the correct use of the apostrophe, together with Weird Al Yankovic

Previous · 1 . . . 3 · 4 · 5 · 6 · 7 · Next

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Copyright © 2014 University of California