AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next

AuthorMessage
Profile Vicki
Avatar

Send message
Joined: 30 Nov 01
Posts: 65
Credit: 1,640,576
RAC: 46
New Zealand
Message 1380208 - Posted: 12 Jun 2013, 9:21:56 UTC - in response to Message 1378691.  

hi. I use the paid avg, but this should work for you. Step 1, add an exeception to the bonic data directory from all scans. Step 2 you will need to add an exeception in the identy protection module for each seti application & version there of, ie setiathome v 7.0, astropulse version 6.0, astropulse verrsion 6.01, setiathome cuda <varous versions> etc. Each version of each program will need its own exeception. look further down the thread for my exeperiences on this topic.
After I reinstalled Bonic & added the execeptions, everything returned to normal.
Good luck.
Rae
A city destroyed by an earthquake is an opportunity to Rebuild, redeign & make it a better place to be. Better, stronger, faster like the 6 Million Dollar Man
ID: 1380208 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1380234 - Posted: 12 Jun 2013, 11:54:01 UTC - in response to Message 1380093.  

Sorry to say but I am encountering the problem on Windows 7 (32-bit) with a Free version of AVG.

I have followed your instructions
"Add your BOINC/projects/setiathome.berkeley.edu directory to the list of exceptions. That directory will probably either be C:\Program Data\BOINC\projects\setiathome.berkeley.edu or C:\Users\YourUsername\Program Data\BOINC\projects\setiathome.berkeley.edu"

We'll see if I get further "Detections" in the coming 24hrs


AVG Detection popped up again this morning so this fix hasn't worked.

Can you post (copy/paste) the exact directory/files in the list of exceptions (excluded from scan)?

Because if you did this with posted:
C:\Program Data\BOINC\projects\setiathome.berkeley.edu
C:\Users\YourUsername\Program Data\BOINC\projects\setiathome.berkeley.edu

... nothing useful will happen.

(\Program Data\ have to be \ProgramData\ , 'YourUsername' have to be replaced, etc.
So your BOINC Data dir is for certain different
)


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1380234 · Report as offensive
Profile Ramon M. Castillo
Volunteer tester

Send message
Joined: 10 Apr 06
Posts: 2
Credit: 4,592,422
RAC: 0
United States
Message 1381150 - Posted: 14 Jun 2013, 17:11:03 UTC

Dear Eric,

I wrote to you some days ago about getting an AVG Heuristic virus report on 7.00. I followed your instruction and set AVG to ignore the folder containing the Seti@Home file.

Now I get nothing but computational errors on all the 7.00 tasks running on my system.

I told Boinc to update Seti@Home yesterday. It downloaded many new tasks. Today all those tasks had terminated with "computation error." Could AVG and this problem be related?

Thanks.

Sincerely,

Ramon
ID: 1381150 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1382
Credit: 54,506,847
RAC: 60
United States
Message 1381180 - Posted: 14 Jun 2013, 18:32:02 UTC - in response to Message 1381150.  

Hi Ramon,

Haven't had a chance to deal with my PMs recently. I'll look into it.

Thanks,

Eric
@SETIEric@qoto.org (Mastodon)

ID: 1381180 · Report as offensive
LOUIS M.EASTON

Send message
Joined: 17 Mar 12
Posts: 1
Credit: 826,519
RAC: 0
United States
Message 1381595 - Posted: 15 Jun 2013, 20:38:49 UTC - in response to Message 1373641.  

DR.KORPELA,MY COMPUTER IS STILL HAVING TROUBLE RUNNING SETI@HOME PROGRAMS.LOUIS M.EASTON.
ID: 1381595 · Report as offensive
Grant (SSSF)
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 13720
Credit: 208,696,464
RAC: 304
Australia
Message 1381597 - Posted: 15 Jun 2013, 20:40:43 UTC - in response to Message 1381595.  


If you have a problem then ask for help in the help forums.
BTW- all caps indicates shouting- not very polite. It's also difficult to read.
Grant
Darwin NT
ID: 1381597 · Report as offensive
Claggy
Volunteer tester

Send message
Joined: 5 Jul 99
Posts: 4654
Credit: 47,537,079
RAC: 4
United Kingdom
Message 1381599 - Posted: 15 Jun 2013, 20:46:51 UTC - in response to Message 1381595.  

DR.KORPELA,MY COMPUTER IS STILL HAVING TROUBLE RUNNING SETI@HOME PROGRAMS.LOUIS M.EASTON.

All your results completed O.K, what is the nature of your computer's problems?

All tasks for computer 6568745

Claggy
ID: 1381599 · Report as offensive
rob smith Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer moderator
Volunteer tester

Send message
Joined: 7 Mar 03
Posts: 22160
Credit: 416,307,556
RAC: 380
United Kingdom
Message 1381758 - Posted: 16 Jun 2013, 7:49:32 UTC

Stop shouting.
Eric works hard, very hard, and does so Monday to Friday. So either move your question into the "number crunching" part of the forum, or wait for Eric to respond.
Bob Smith
Member of Seti PIPPS (Pluto is a Planet Protest Society)
Somewhere in the (un)known Universe?
ID: 1381758 · Report as offensive
Mark Sager

Send message
Joined: 15 Jul 12
Posts: 3
Credit: 1,474,786
RAC: 0
United States
Message 1382146 - Posted: 17 Jun 2013, 15:34:39 UTC

i just got the avg error on one of my boxes, then i added the execeptions rule to avg for boinc, and then restarted the boinc client. and it error out all projects. im trying a clean install now. Are we sure the virus scanner is false?
ID: 1382146 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1382155 - Posted: 17 Jun 2013, 16:06:54 UTC - in response to Message 1382146.  
Last modified: 17 Jun 2013, 16:15:41 UTC

Are we sure the virus scanner is false?

Yes

Check (click) the links in these posts:
http://setiathome.berkeley.edu/forum_thread.php?id=71784&postid=1373741#1373741

http://setiathome.berkeley.edu/forum_thread.php?id=71784&postid=1374180#1374180

Also this (Detection ratio: 0/47 for setiathome_7.00_windows_intelx86.exe):
https://www.virustotal.com/en/file/eb48e373ef5d59bc018ef687388cae5e824bc1dc09b1549eb95ddae5efbcbac0/analysis/


If you want - send your copy of setiathome_7.00_windows_intelx86.exe (or any other file you have doubt about):
https://www.virustotal.com/en/


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1382155 · Report as offensive
Mark Sager

Send message
Joined: 15 Jul 12
Posts: 3
Credit: 1,474,786
RAC: 0
United States
Message 1382156 - Posted: 17 Jun 2013, 16:13:55 UTC

i did a clean install and now all seems to be ok. But now i have like 8 error while computings and about 20 abandoned tasks for this fathersday task. so i hope it dont make people too mad about recrunching some of my tasks.
ID: 1382156 · Report as offensive
kittyman Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Jul 00
Posts: 51468
Credit: 1,018,363,574
RAC: 1,004
United States
Message 1382157 - Posted: 17 Jun 2013, 16:15:45 UTC

I happen to be using Trend Micro Titanium on my daily driver, and it has never thrown me any warnings about any Seti program or file.
"Freedom is just Chaos, with better lighting." Alan Dean Foster

ID: 1382157 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15184
Credit: 4,362,181
RAC: 3
Netherlands
Message 1382508 - Posted: 18 Jun 2013, 19:57:06 UTC
Last modified: 18 Jun 2013, 19:58:17 UTC

Today I've been installing and uninstalling, and rebooting Windows a lot due to me writing a FAQ on how to add the BOINC Data directory as an exclusion to various antivirus products, both free and paid versions that I got trials for. Early in the morning I started off with making a Windows 7 Ultimate 64bit SP1 virtual machine in Virtual Box. Initial VM was 100GB, and it was allowed to use up to 6GB RAM. The only Windows Update I had allowed through was the English language pack (163MB).

Packages I tested were: Adaware Antivirus, Avast Free 2013, AVG Free 2013, Bitdefender Security, Comodo Antivirus, ClamWin, Eset NOD32 2013, Micrososft Security Essentials, Panda Cloud, Kapersky Pure 3.0, Norton 360 2013, McAffee 2013, Rising antivirus, Trend Micro 6.0 and Zone Alarm 2012.

Glad too that I use a VM, because upon uninstallation of Zone Alarm, Norton, McAffee, Comodo AND Trend Micro did Windows hang, and after a hard reboot of the VM had I lost the Windows boot loader, or worse. Zone Alarm was the worst, here I had to reinstall the VM, as even Windows recovery system couldn't fix Windows. DO NOT USE ZONE ALARM!

Bitdefender is the slowest installer of all, it took me 1.5 hours of installing. The initial installer goes through a scan of your system, then it downloads the package and definitions, then it does the install and then it scans again. Even on a 100Mbit connection that Virtual Box can use, the download speeds didn't get above 5KB/sec. !!
Uninstalling goes a lot quicker, though!

Upon uninstalling Trend Micro I noticed that my system was crawling at a snail's pace. Checking Processes, I found the VM was using the full 6GB of memory, meaning that in total I was using 7.43GB of my 8GB RAM. And thus swapping a lot to page file! None of the AVs before that had done this.

Comodo has gone quickly from a nice, quick, free package to a bloatware package. Not only does it install 6 different packages onto your system, when you go uninstall it, you have to do the other 5 by hand, and only after we done the initial reboot. And then you have to wait and see if your Windows loads after each reboot.

Norton has a special uninstaller that it needs to download first, then it'll uninstall parts of the AV, while in the mean time installing other crap that you then have to uninstall separately and reboot for. I feel pity for the people that must run this piece of crap.

At the end of each install & update cycle, I scanned my BOINC Data directory with all of these AVs, and none of them found anything wrong with anything in the directory. Not with Seti, not with Einstein, not with any of the 50 project directories in there.

After uninstalling all Avs, I found that each and every one of them had left crap behind in the Programdata, Program Files and Program Files (x86) directories. Up to 15GB worth of crap. The Windows VM that had started at 100GB, had grown to 117GB at the end of the install/uninstall cycle.
ID: 1382508 · Report as offensive
Alinator
Volunteer tester

Send message
Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 1382513 - Posted: 18 Jun 2013, 20:06:20 UTC - in response to Message 1382508.  
Last modified: 18 Jun 2013, 20:10:37 UTC

LOL...

I guess they figured that if sloppy programming, packaging, and excessive bloat was good enough for Microsoft, it's good enough for them!

I imagine this exercise was enough to satisfy all your masochistic needs for the rest of the year! :-D
ID: 1382513 · Report as offensive
Profile Blurf
Volunteer tester

Send message
Joined: 2 Sep 06
Posts: 8962
Credit: 12,678,685
RAC: 0
United States
Message 1382523 - Posted: 18 Jun 2013, 20:26:03 UTC

Please post all troubleshooting concerns in the Number Crunching thread-not this one. Thank you.


ID: 1382523 · Report as offensive
Profile William Michael Johnson

Send message
Joined: 26 Apr 00
Posts: 3
Credit: 6,619,218
RAC: 0
United States
Message 1383545 - Posted: 22 Jun 2013, 2:18:51 UTC

Have done everything I know and have been told to do about this problem, but it keeps deleting my seti project. I have verified that the exception has been added to avg, etc etc etc.
I have (5) old extremes that have been running seti for the last couple of years but no longer they have been redirected to MilkyWay until I hear that AVG and Seti are fixed.
ID: 1383545 · Report as offensive
Boda

Send message
Joined: 16 Jun 00
Posts: 1
Credit: 2,931,973
RAC: 4
Luxembourg
Message 1384503 - Posted: 25 Jun 2013, 7:39:36 UTC - in response to Message 1383545.  

My AVG2013 does issue an alert against boincmgr.exe and blocks its use unless an exception is created.

It was the Identity Protection module of AVG2013 that assessed boincmgr.exe as being suspicious which leads to the question of what behaviour is that of version 7 that leads to these problems with different AV programs?
ID: 1384503 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1382
Credit: 54,506,847
RAC: 60
United States
Message 1384656 - Posted: 25 Jun 2013, 22:20:50 UTC - in response to Message 1384503.  
Last modified: 25 Jun 2013, 22:24:43 UTC

For SETI@home 7, we compress the executables and DLLs to save on download bandwidth. AVG and a (very) few other virus scanners consider this technique, which I've been using since 1989, to be "suspicious activity". Since they have a larger customer base than SETI@home does, they don't seem inclined to change their opinion.

I doubt that compression is the issue with the BOINC executable, though. I'm guessing that AVG doesn't like programs that can start and stop system services. Although since it's the identity protection component, it could just be an aversion to numbers. BOINC uploads and downloads a lot of files with numbers in them, and the last 4 digits of your social security number or the last four digits of your credit card number are bound to be in one of them. And BOINC asks you to enter a your password at times. It might be that AVG thinks the BOINC manager is scamming you.
@SETIEric@qoto.org (Mastodon)

ID: 1384656 · Report as offensive
Peter C. Watt

Send message
Joined: 2 Jul 99
Posts: 5
Credit: 4,955,922
RAC: 8
United States
Message 1386937 - Posted: 2 Jul 2013, 23:33:48 UTC

AVG reported suspicious files when I first downloaded Version 7 a few weeks ago, but BOINC ran OK until last night.

Last night, AVG not only flagged the program but disabled it. The BOINC Manager, running SETI@Home and Milkyway@Home is now "not connected to a client". When I try to activate it, Boinc advises something such as to "go into the Control Panel and turn on the Servlet for BOINC". However, the Control Panel in my Windows Vista Home Premium operating system doesn't seem to have those settings.

The BOINC Manager is completely blank in all its screens. How do I reactivate the BOINC program and the projects that I had going? I tried Windows System Restore back to a few hours before the problem, but that didn't fix it.

Any help would be appreciated. Thanks.

-PW
ID: 1386937 · Report as offensive
Bob Giel
Volunteer tester

Send message
Joined: 11 Jan 04
Posts: 76
Credit: 5,419,128
RAC: 0
United States
Message 1386943 - Posted: 3 Jul 2013, 0:07:33 UTC - in response to Message 1386937.  

Go into AVG and create an exception for the BOINC directories.
ID: 1386943 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.