Lunatics Windows Installer v0.43 Release Notes

Message boards : Number crunching : Lunatics Windows Installer v0.43 Release Notes
Message board moderation

To post messages, you must log in.

1 · 2 · 3 · 4 . . . 13 · Next

AuthorMessage
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586215 - Posted: 13 Oct 2014, 11:35:32 UTC
Last modified: 13 Oct 2014, 11:42:34 UTC

Lunatics are pleased to announce the availability of the v0.43 installer in the Lunatics main download area and mirror sites.
Please take care you use the right installer (32/64 bit) for your system.

Should you have any questions or problems - ask! Post in this thread or open a new one.

New in this installer:
---------------------
Added support for Astropulse v7 on all platforms.

How to use the installer:
------------------------
For the CPU applications, you need to know what your CPU supports. Either check the Boinc startup messages or check with CPU-Z downloadable from http://www.cpuid.com
Tick or untick CPU AP and MB applications as desired.
Tick ATI (OpenCL) AP or MB if/as desired.
Tick NVidia (OpenCL) AP or CUDA MB if/as desired.
Tick Intel (OpenCL) AP or MB if/as desired.
More details further down.

NB We use default values throughout the app_info.xml. If you have previously installed optimised applications and manually edited app_info.xml (e.g. <count> for multithreading GPUs, <flops>, <cmdline> for ATI) you WILL lose those edits on running the installer and have to redo them. You may wish to make a note of them.
You will also lose all other manual edits to app_info.xml such as beta applications.

You are strongly recommended to use a version of BOINC which supports app_config.xml files. These can be used to manage the number of tasks running on each GPU more simply than by editing app_info.xml, and will NOT be removed by re-running this or subsequent installers. If you have previously used an app_config file for Astropulse, you may want to add a similar section for Astropulse_v7.

Known issues - general:
----------------------
This installer contains v6 legacy apps for cleaning up residual AP v6 tasks still active during the changeover, or which may be re-issued later. They will be installed automatically alongside the AP v7 applications you choose - please leave them in place to help with the 'end of run' cleanup.

The AP v7 CPU applications can all run on BOINC 7 installations running in service mode: if this mode is detected during installation, the compatible AP v6 application will be installed for the cleanup.

Be careful when upgrading if you have already pre-installed optimised AP v7 applications from individual pre-release build packs. Some of these packs deploy version numbers derived from Beta testing, and they are not guaranteed to match the Main project release values. This installer follows the application version numbers and plan classes displayed on http://setiathome.berkeley.edu/apps.php - if yours differ, set NNT and drain your cache before proceeding.

TAKE SPECIAL CARE when upgrading from the stock 7.00 Astropulse CPU application. The intermediate checkpoint files have a non-standard format, and the Lunatics applications can't resume a part-computed task. Either set NNT and wait until the current task(s) have finished - may be a long wait - or abort tasks if they haven't progressed very far. This only applies to v7.00 tasks which have commenced processing - v7.03 (sse or sse2) tasks are safe to upgrade while in progress, and all unstarted tasks are safe.

BOINC v7 installations are not able to run any GPU applications in service mode, and the installer will now bypass GPU application pages on machines which cannot run GPU applications because of this restriction.

The installer is supposed to shut down the BOINC client whilst leaving the Manager running - noticable from the red 'disconnected' dot in the tray. After finishing the BOINC client should restart and the red dot vanish when the Manager reconnects. This may take a few minutes. On some systems however this fails to work. Please ensure BOINC has restarted.
Advanced users only: If you know you are going to edit app_info.xml, it may be easier to shutdown and restart BOINC manually, so you can get the changes into app_info.xml before the restart.

Some users reported that installer v0.41 failed to assemble a complete app_info.xml file from the aistub files supplied with each application. We have switched to using a 'grep' application (supplied) called from a slightly modified 'aimergeg.cmd' script to help avoid this problem. The original aimerge script is also present for people who are used to using it.


CPU MB apps - AKv8c r2549 (unchanged)

If you have any doubt at all about what instruction sets your CPU supports, download CPU-Z from http://www.cpuid.com/softwares/cpu-z.html

We have now incorporated a 3rd party CPU feature detection tool into the installer. Unsupported applications will be greyed out, and the installer will pre-select recommended application versions for your CPU.


CPU AP v7 app - r2672/2692/2696/2703 depending on optimisation level.

A 32-bit AVX build is offered for the first time - at the SSE3 level, the installer will choose between AMD and Intel builds automatically (there wasn't space for an extra manual choice).


NVidia GPU (CUDA) app - x41zc

For details please see the separate ReadMe_x41zc.txt.

Rule of thumb selection guide:
Cuda 2.3: PreFermi - NOT to be used on Fermi/Kepler/Maxwell
Cuda 3.2: mixed systems
Cuda 4.2: Fermi
Cuda 5.0: Kepler/Maxwell
If you have run stock and have established APR you can also pick the fastest app from there.
For compatible cards see http://developer.nvidia.com/cuda-gpus
Should run on all NVidia CUDA cards with at least 512MiB video RAM. Actual free memory required is in the region of 200-235MB, depending on driver, OS flavour and CUDA variant. The code will scale up if more memory is available. Running on a 256MiB card is just possible, but you will have to free up as much VRAM as possible, e.g. by disabling Aero.
Used video RAM can be checked with GPU-Z downloadable from
http://www.techpowerup.com/downloads/2244/techpowerup-gpu-z-v0-7-1/
Watch closely on GPU-Z and in BOINC manager if the application finds enough memory.
Symptoms of insufficient memory are
- in BOINC manager: tasks start up and run a few seconds then go to 'waiting
to run' and the next task tries to start
- on GPU-Z: the sensor for memory shows used VRAM ramping up and almost
immediately dropping again.
Depending on BOINC version your tasks will either error out with 'too many exits' or get stuck in an infinite loop.
If you don't have enough memory, set BOINC to NNT, abort tasks and uninstall the CUDA application by rerunning the installer with CUDA MB UNticked. If in doubt ask for help in this forum
To multithread on Fermi/Kepler cards, find all instances of <count>1</count> in app_info.xml and decrease to 0.5 or 0.3 to run two or three tasks in parallel.
Again, if you are uncertain of how to do this correctly, ask. 'Your mileage may vary' - it depends on your specific system which count will give the highest throughput.
Full release notes and history in separate readme.


NVidia (OpenCL) AP v7 app - updated to r2721

Please see separate ReadMe_AstroPulse_OpenCL_NV.txt for details.
Reserving one CPU core per GPU card will improve performance.

Warning - the NVidia 340.52 driver (released 29 July 2014) causes invalid results on legacy compute capability 1.1, 1.2 and 1.3 cards. This application will - deliberately - NOT run on such cards: it will alternate between displaying a warning message in BOINC Manager and apparently 'running', but will make no progress and eventually error out. If you have an old card (8000 series, 9000 series, or 2xx series), either exclude it from crunching AP, or downgrade to an older driver.



ATI (OpenCL) MB app - remains at r2489

Please see separate ReadMe_MultiBeam_OpenCL_ATI.txt for details, especially on driver requirements.
Reserving one CPU core per GPU card will improve performance.
We offer the MB application in two different variants, depending on card:
plain - for most HD4xxx owners and those with HD5xxx, HD6xxx cards and
HD7xxx cards who suffer from driver incompatibilities.
HD5 - for most if not all owners of HD5xxx, HD6xxx and HD7xxx GPUs.

ATI (OpenCL) AP v7 app - r2721
ATI (Brook) AP app - r1890

Please see separate ReadMe_AstroPulse_OpenCL_ATI.txt or ReadMe_AstroPulse_Brook.txt for details, especially on driver requirements.
Reserving one CPU core per GPU card will improve performance.

For cards without OpenCL support (from HD2xxxx on) use the 'hybrid' r1890 Astropulse application. NB this is a combined CPU/GPU application and will only use the GPU for some of the calculations, while doing the rest on a CPU core. Minimum driver version Catalyst 9.x.

The Hybrid AP application uses about 80% of a CPU core and does only about 20% of the calculations on the GPU. Parameters have been choosen to reflect this usage. However present BOINC can not reserve '0.8' of a CPU core and therefore reserves none. This means your CPUs will be overcommitted and runtimes and DCF (if applicable) will suffer. You do increase the overall output though.

Please note that HD2xxx cards requiring Brook (Hybrid) applications are not currently supported by Lunatics for Astropulse v7 - the Brook application is supplied for cleaning up any AP v6 tasks that may be in progress.


Intel (OpenCL) applications for both MB and AP v7 (updated to r2721)

These are offered by Lunatics for the first time. Please note the supported iGPU models, and observe the minimum OpenCL and driver versions, shown on the selection page. Intel CPUs offering plain "HD graphics" are NOT supported by these applications.

You MUST update your Intel driver if BOINC reports the OpenCL version as 1.1
The applications may appear to run without updating the driver, but the results will not be valid and you will have wasted your computing power.

Visit https://downloadcenter.intel.com/ if you require an updated graphics driver for your iGPU. Note that you will require a driver for a 3rd. or 4th. generation Intel 'core' CPU with the appropriately numbered HD or Iris graphics support.

Many people have reported problems getting Intel's automated update and installation tools to work, but their manual installation instructions (requiring the download of the '.zip' driver package) appear to work on systems which reject the automated tools. A copy of Intel's ReadMe file for driver installation will be placed in the Lunatics docs folder for reference if you select either of the iGPU applications.


This time the thanks go to Joe (Josef W. Segur) for the optimised CPU apps, to Raistmer (with additional input from Urs Echternacht) for OpenCL apps and to Jason (jason_gee) for CUDA apps.
Thanks guys. There would be no need for an optimised app installer if there weren't optimised apps in the first place!

We would also like to take this opportunity to thank our active alpha testers
(in no particular order and apologies to anybody we've forgotten):
Claggy, arkayn and Mike.


The Lunatics Installer team AD MMXIV
ID: 1586215 · Report as offensive
Thomas
Volunteer tester

Send message
Joined: 9 Dec 11
Posts: 1499
Credit: 1,345,576
RAC: 0
France
Message 1586290 - Posted: 13 Oct 2014, 16:03:28 UTC

Thanks for the heads-up Richard and thanks so much to the LUNATICS team ! :)
Well done guys ! Good job !
ID: 1586290 · Report as offensive
Profile [B^S] madmac
Volunteer tester
Avatar

Send message
Joined: 9 Feb 04
Posts: 1175
Credit: 4,754,897
RAC: 0
United Kingdom
Message 1586326 - Posted: 13 Oct 2014, 17:15:52 UTC

Just downloaded it from the site and Chrome gave me a malware warning
ID: 1586326 · Report as offensive
JohnDKCrowdfunding Project Donor
Volunteer tester
Avatar

Send message
Joined: 28 May 00
Posts: 974
Credit: 123,242,817
RAC: 130,404
Denmark
Message 1586335 - Posted: 13 Oct 2014, 17:27:43 UTC
Last modified: 13 Oct 2014, 17:33:11 UTC

Just downloaded the 64bit version and Chrome warned it could be a dangerous file and recommended to delete it.

Scanned the file with MS Security Essentials & Malwarebyte and they didn't report any problems.
ID: 1586335 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 571
Credit: 65,752,033
RAC: 2
Finland
Message 1586339 - Posted: 13 Oct 2014, 17:34:44 UTC - in response to Message 1586326.  
Last modified: 13 Oct 2014, 17:39:08 UTC

Just downloaded it from the site and Chrome gave me a malware warning


Something is not right. I downloaded 32bit installer and Chrome just said "Unknown network error" after download was finished. I tried again and Chrome says "This webpage is not available"

I tried 64bit installer and Chrome was again saying "Lunatics_Win64_v0.43_setup.exe is not commonly downloaded and could be dangerous." Keep/Discard -options available.
ID: 1586339 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586340 - Posted: 13 Oct 2014, 17:36:41 UTC

Did Chrome give either of you any indication of what it didn't like about the file? Sometimes malware scanners report that applications are dangerous simply because they perform potentially dangerous acts, like installing new executable files on your hard disk (the desired outcome in this case), or because they are very new and as yet untrusted.

Every effort was made to ensure that the installer file was prepared in a clean environment, but you are right to treat it with caution. It would probably be a better check if someone other than me ran it through VirusTotal and posted the result?
ID: 1586340 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586342 - Posted: 13 Oct 2014, 17:37:15 UTC - in response to Message 1586339.  

Just downloaded it from the site and Chrome gave me a malware warning


Something is not right. I downloaded file and Chrome just said "Unknown network error" after download was finished. I tried again and Chrome says "This webpage is not available"

Which download mirror were you using?
ID: 1586342 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 571
Credit: 65,752,033
RAC: 2
Finland
Message 1586345 - Posted: 13 Oct 2014, 17:42:25 UTC - in response to Message 1586342.  

Just downloaded it from the site and Chrome gave me a malware warning


Something is not right. I downloaded file and Chrome just said "Unknown network error" after download was finished. I tried again and Chrome says "This webpage is not available"

Which download mirror were you using?


Sorry Richard, edited my post. Both times I did use Mirror 1, don't have any other options.
ID: 1586345 · Report as offensive
JohnDKCrowdfunding Project Donor
Volunteer tester
Avatar

Send message
Joined: 28 May 00
Posts: 974
Credit: 123,242,817
RAC: 130,404
Denmark
Message 1586347 - Posted: 13 Oct 2014, 17:45:22 UTC - in response to Message 1586340.  

Every effort was made to ensure that the installer file was prepared in a clean environment, but you are right to treat it with caution. It would probably be a better check if someone other than me ran it through VirusTotal and posted the result?

All lights was green except this one

Qihoo-360 Win32/Trojan.75f
ID: 1586347 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586348 - Posted: 13 Oct 2014, 17:45:38 UTC - in response to Message 1586345.  

Just downloaded it from the site and Chrome gave me a malware warning

Something is not right. I downloaded file and Chrome just said "Unknown network error" after download was finished. I tried again and Chrome says "This webpage is not available"

Which download mirror were you using?

Sorry Richard, edited my post. Both times I did use Mirror 1, don't have any other options.

So you mean the Lunatics site, rather than Mike's or Arkayn's. Thanks.
ID: 1586348 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 571
Credit: 65,752,033
RAC: 2
Finland
Message 1586349 - Posted: 13 Oct 2014, 17:51:04 UTC - in response to Message 1586348.  

So you mean the Lunatics site, rather than Mike's or Arkayn's. Thanks.


Yep, Lunatics site.
ID: 1586349 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586350 - Posted: 13 Oct 2014, 17:52:00 UTC - in response to Message 1586347.  

Every effort was made to ensure that the installer file was prepared in a clean environment, but you are right to treat it with caution. It would probably be a better check if someone other than me ran it through VirusTotal and posted the result?

All lights was green except this one

Qihoo-360 Win32/Trojan.75f

Could you post the VirusTotal result link here, please, so I can see the full report?

The installer build was done on and uploaded from a machine running Norton antivirus. I've done test installations on machines running McAfee and Microsoft Security Essentials: I saw no warnings, either from the finished installer or from the individual program packages which I downloaded in order to be able to assemble the finished product.
ID: 1586350 · Report as offensive
JohnDKCrowdfunding Project Donor
Volunteer tester
Avatar

Send message
Joined: 28 May 00
Posts: 974
Credit: 123,242,817
RAC: 130,404
Denmark
Message 1586354 - Posted: 13 Oct 2014, 17:59:25 UTC - in response to Message 1586350.  

Could you post the VirusTotal result link here, please, so I can see the full report?

The installer build was done on and uploaded from a machine running Norton antivirus. I've done test installations on machines running McAfee and Microsoft Security Essentials: I saw no warnings, either from the finished installer or from the individual program packages which I downloaded in order to be able to assemble the finished product.

https://www.virustotal.com/da/file/9b17f92a69d116afd3b723c5dc79ed57b9aefe847bdbcf1761f034656906ffca/analysis/1413222138/
ID: 1586354 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586359 - Posted: 13 Oct 2014, 18:13:11 UTC - in response to Message 1586354.  

Could you post the VirusTotal result link here, please, so I can see the full report?

The installer build was done on and uploaded from a machine running Norton antivirus. I've done test installations on machines running McAfee and Microsoft Security Essentials: I saw no warnings, either from the finished installer or from the individual program packages which I downloaded in order to be able to assemble the finished product.

https://www.virustotal.com/da/file/9b17f92a69d116afd3b723c5dc79ed57b9aefe847bdbcf1761f034656906ffca/analysis/1413222138/

Thanks. Those 52 green ticks are reassuring, but I'm trying to work my way through to a full description of what the supposed trojan is.

Look what I fell over on the way! I don't believe this one either - anybody ever had any previous experience of herd protect before? A bit too keen on sponsored advertising 'solutions' for my liking.

http://www.herdprotect.com/setiathome_7.03_windows_intelx86_opencl_ati5_sah.exe-77f47fc534e526748e78f6995fb86ab8c039f6aa.aspx
ID: 1586359 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3717
Credit: 8,884,789
RAC: 603
Bulgaria
Message 1586362 - Posted: 13 Oct 2014, 18:19:49 UTC - in response to Message 1586326.  
Last modified: 13 Oct 2014, 18:54:44 UTC

Just downloaded it from the site and Chrome gave me a malware warning

Really?... ;)
And WHAT did it said Specifically?

And you are sure Chrome issue some warning and Not the stupid Antivirus?

Lunatics_Win32_v0.43_setup.exe (I Uploaded this)
https://www.virustotal.com/en/file/f9d0f893addaf1770119bd7eedfc368b526eacaf4672c266db7d950041b6acf5/analysis/1413223772/

Lunatics_Win64_v0.43_setup.exe (was already Uploaded - I didn't Re-upload)
https://www.virustotal.com/en/file/9b17f92a69d116afd3b723c5dc79ed57b9aefe847bdbcf1761f034656906ffca/analysis/1413222138/

Do you have one of the shown (above, in red) stupid Antiviruses?:
McAfee
TrendMicro
Rising
Ikarus
Qihoo-360

***********

I use ESET NOD32 Antivirus 4

Scan Log
Version of virus signature database: 10553 (20141013)
Date: 13.10.2014 Time: 21:23:52
Scanned disks, folders and files:
J:\Data.All\Downloads.Bit\Software\Science\Optimized SETI@home\Lunatics' Unified Installer\Lunatics_Win32_v0.43_setup.exe
J:\Data.All\Downloads.Bit\Software\Science\Optimized SETI@home\Lunatics' Unified Installer\Lunatics_Win64_v0.43_setup.exe
Number of scanned objects: 239
Number of threats found: 0
Time of completion: 21:24:33 Total scanning time: 41 sec (00:00:41)

++++++++++++++

MD5:

d81de77ff755cd4d31404e5768058789 *Lunatics_Win32_v0.43_setup.exe
645b66d443f573ce8506514a41f970b5 *Lunatics_Win64_v0.43_setup.exe

==============

For browser I use SRWare Iron (based on Chromium) which do not issue such stupid warnings as "not commonly downloaded and could be dangerous"
[v] "Enable phishing and malware protection" is checked

;) Chrome seem to think everyone have to Download only Firefox as it IS "commonly downloaded" ;)
 



- ALF - "Find out what you don't do well ..... then don't do it!" :)
ID: 1586362 · Report as offensive
Aurora Borealis
Volunteer tester
Avatar

Send message
Joined: 14 Jan 01
Posts: 3075
Credit: 5,631,463
RAC: 0
Canada
Message 1586363 - Posted: 13 Oct 2014, 18:20:15 UTC

Avast! also freaked out that I was downloading the file. Naturally I ignore the warning of a dangerous file.

Boinc V7.2.42
Win7 i5 3.33G 4GB, GTX470
ID: 1586363 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586402 - Posted: 13 Oct 2014, 19:25:58 UTC

This is getting very frustrating. Each of the meta-scanning engines seems to host a small number - often one - of scan engines which has a problem with one or other of our files, and 40 - 60 engines which say it's safe and clean.

I scanned the 32-bit file locally with McAfee (since I have it, and BilBg said it it came up on the VirusTotal hitlist). Nothing - clean. Got the very latest manual update from McAfee - still nothing. McAfee won't accept a sample larger than 10 MB for checking - we're at 22 MB (heavily compressed). So I'm stuck there.

https://www.metascan-online.com/en/scanresult/file/b9aa4f5aa58e4a32866cdb6dbf1cecf7 are still updating their McAfee engine (come on, guys), and we get a red flag from Ikarus there too - but they seem to see Win32.SuspectCrc in all sorts of programs that others see as clean. And nobody seems to maintain a searchable online database of all the terms used by all the companies to describe all the viruses in the world.

I'll keep dipping in and out, but that's probably the best I can do for tonight.
ID: 1586402 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3717
Credit: 8,884,789
RAC: 603
Bulgaria
Message 1586424 - Posted: 13 Oct 2014, 20:10:55 UTC - in response to Message 1586402.  

I scanned the 32-bit file locally with McAfee (since I have it, and BilBg said it it came up on the VirusTotal hitlist). Nothing - clean. Got the very latest manual update from McAfee - still nothing. McAfee won't accept a sample larger than 10 MB for checking - we're at 22 MB (heavily compressed). So I'm stuck there.

I never used McAfee (well - I used the DOS version in ~1990 IIRC) so don't know how to do the next:
- try to increase the Heuristic/Scanner sensitivity to some 'paranoid' level
(it is possible that different sites use different Settings on their Antiviruses)

I Uploaded also here (where 2 are red):
http://virusscan.jotti.org/en/scanresult/4ff2fda35c5be9cb415514620924a7538fdcd744



- ALF - "Find out what you don't do well ..... then don't do it!" :)
ID: 1586424 · Report as offensive
Profile MikeProject Donor
Volunteer tester
Avatar

Send message
Joined: 17 Feb 01
Posts: 30590
Credit: 57,556,015
RAC: 30,270
Germany
Message 1586430 - Posted: 13 Oct 2014, 20:14:32 UTC

Could anyone who got alerts download from my site and check if you get the same please.
Just to reduce possibilities.
With each crime and every kindness we birth our future.
ID: 1586430 · Report as offensive
Richard HaselgroveProject Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 11516
Credit: 106,098,915
RAC: 70,238
United Kingdom
Message 1586443 - Posted: 13 Oct 2014, 20:27:29 UTC - in response to Message 1586424.  

I scanned the 32-bit file locally with McAfee (since I have it, and BilBg said it it came up on the VirusTotal hitlist). Nothing - clean. Got the very latest manual update from McAfee - still nothing. McAfee won't accept a sample larger than 10 MB for checking - we're at 22 MB (heavily compressed). So I'm stuck there.

I never used McAfee (well - I used the DOS version in ~1990 IIRC) so don't know how to do the next:
- try to increase the Heuristic/Scanner sensitivity to some 'paranoid' level
(it is possible that different sites use different Settings on their Antiviruses)

I Uploaded also here (where 2 are red):
http://virusscan.jotti.org/en/scanresult/4ff2fda35c5be9cb415514620924a7538fdcd744

Thanks, that one gets us a bit further forward. One is Ikarus 'Win32.SuspectCrc', which we've seen all over the place. But ClamAV 'PUA.Win32.Packer.Freebasic' is new, and leads us to

http://forums.clamwin.com/viewtopic.php?p=15591

Please turn off PUA detection, and do not use it again. It is broken!

PUA detection (Potentially Unwanted Applications) is for detecting files that are packed with packers used by malware or tools that could be used by malware (such as keyloggers, remote admin tools, some scripts, etc.). The problem is that both malware and "good" programs can use the same packers. Many "good" websites also use java scripts and other scripts that are put in your temporary internet folder that will be detected as PUA files. Many businesses use remote administration tools as well.

Since PUA detection is optionally selected by the user, Clam AV (Clam AV furnishes its scan engine and virus signatures to
ClamWin) does not make any adjustment to its PUA signatures. The PUA.Win32.Packer detections will detect many, many, many, many, many, many, good programs. If you use PUA detection with quarantine, it will quarantine important files in error, and you will not be able to restore them--because it will also quarantine the ClamWin quarantine restore program!

Use ClamWin to detect real viruses--not PUA. One last time... Do not use PUA detection. It is broken!

That makes sense - because it's exactly what I did on behalf of Lunatics: used a free file packer to package potentially wanted applications. It's up to readers to decide whether they still want those applications. Note that this warning appears to apply to the delivery method, not to the contents of the package.
ID: 1586443 · Report as offensive
1 · 2 · 3 · 4 . . . 13 · Next

Message boards : Number crunching : Lunatics Windows Installer v0.43 Release Notes


 
©2017 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.