Message boards :
News :
AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation
Author | Message |
---|---|
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
The AVG virus scanner heuristic virus detection method reports a false positive for SETI@home version 7.00 on windows. This alert doesn't not indicate an infection with a known virus, but indicates that the application contains code that the virus scanner considers to be suspicious. AVG 2012 apparently does not report any issues. We believe that this alert is related to the method we used to compress the executable in order to save network bandwidth. We are examining how we can resolve the problem. Until then the best strategy is to click "cancel" or "ignore" to the AVG warnings. @SETIEric@qoto.org (Mastodon) |
Igogo Send message Joined: 18 Dec 04 Posts: 125 Credit: 65,303,299 RAC: 44 |
Thank you Eric. |
WezH Send message Joined: 19 Aug 99 Posts: 576 Credit: 67,033,957 RAC: 95 |
Same problem with Avira Antivirus Free: Product version 12.1.9.1236 11.10.2012 Search engine 8.02.12.50 27.5.2013 Virus definition file 7.11.81.128 30.5.2013 Control Center 12.03.00.15 1.5.2012 Config Center 12.03.00.28 9.8.2012 Luke Filewalker 12.03.00.48 15.11.2012 Realtime Protection 12.03.00.15 1.5.2012 Filter 12.00.24.11 24.4.2012 Web Protection 12.03.08.15 1.5.2012 Scheduler 12.03.00.15 1.5.2012 Updater 12.03.14.38 15.11.2012 Rootkits Protection 12.00.50.34 27.4.2012 |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe and scan it with your virus scanner to see if it reports a problem with the uncompressed file? And if that checks out, try to scan a recompressed version, just to be sure. http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_repacked.exe @SETIEric@qoto.org (Mastodon) |
Jord Send message Joined: 9 Jun 99 Posts: 15184 Credit: 4,362,181 RAC: 3 |
Microsoft Security Essentials reports nothing wrong with either the executable or the dynamic linked library. |
enriqueromo Send message Joined: 9 Mar 13 Posts: 2 Credit: 150,218 RAC: 0 |
The same with Spyhunter4 |
mrcmobile Send message Joined: 6 Aug 99 Posts: 1 Credit: 2,103,118 RAC: 3 |
Same problem with trendmicro Fake Antivirus (FakeAV) Removal Tool. http://esupport.trendmicro.com/solution/en-us/1056510.aspx marco |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
Symantec Endpoint Protection 11 and AVG 2012 find no problems, both with heuristics on. @SETIEric@qoto.org (Mastodon) |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
That's weird. I'm able to get them both from home. It's probably the coral cache problem. Try http://boinc2.ssl.berkeley.edu.nyud.net/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe directly. @SETIEric@qoto.org (Mastodon) |
Jord Send message Joined: 9 Jun 99 Posts: 15184 Credit: 4,362,181 RAC: 3 |
I scanned the repack as well. No problems. (Obviously no problems downloading the files either). Did additional scans with: Malwarebytes Anti-Malware 1.75.0.1300, Database version: v2013.05.30.06 -> no problems. Superantispyware -> no problems. Plus I did a scan at Virustotal.com, for the repack outcome 0/46 viruses found. For the unpacked outcome 0/47 viruses found. |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
|
Claggy Send message Joined: 5 Jul 99 Posts: 4654 Credit: 47,537,079 RAC: 4 |
That's weird. I'm able to get them both from home. It's probably the coral cache problem. Try http://boinc2.ssl.berkeley.edu.nyud.net/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe directly. I used Getright to try out that link, for the first three attempts it came up 'no connection', on the 4th it got a connection and showed the file as 1.59Mb Claggy |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
We'll be turning off coral caching in a day or two, so that problem will go away in a short time. @SETIEric@qoto.org (Mastodon) |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
Same problem with trendmicro Fake Antivirus (FakeAV) Removal Tool. Trend FakeAV reports about valid 20 programs on my system as "RogueAV" including BOINC, the NVIDIA tray utility, the UPS monitor, the Trend FakeAV Removal Tool, and the drivers for my camera. It seems that just about anything that runs as a console program in the background or has a tray icon gets reported. And it always hangs hard before completing its scans. After attemting to run it a few times, I decided I can safely ignore its detections as entirely false positives. I'm surprised there hasn't been a class action suit by software publishers against Trendmicro. @SETIEric@qoto.org (Mastodon) |
Raistmer Send message Joined: 16 Jun 01 Posts: 6325 Credit: 106,370,077 RAC: 121 |
As I said in original thread already, AVG produces too many false positives to be useful. All my friends denied from use it already... (if someone shout "fire" too often he risks to burn w/o any help...) SETI apps news We're not gonna fight them. We're gonna transcend them. |
Floyd Send message Joined: 19 May 11 Posts: 524 Credit: 1,870,625 RAC: 0 |
If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe Sir: I downloaded both and AVG 2013 scanned them in the download folder and found nothing. EDIT: That was after it found them and I told it to allow , so it was added to the exception list in avg , Just remembered that. |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
I wonder if it's only a problem when it scans the in memory copy when it is running. And if the exceptions list is based on the in memory footprint, it may be excepted. Does the original fail to scan on your AVG13? http://boinc2.ssl.berkeley.edu/sah/download_fanout/setiathome_7.00_windows_intelx86.exe @SETIEric@qoto.org (Mastodon) |
Horacio Send message Joined: 14 Jan 00 Posts: 536 Credit: 75,967,266 RAC: 0 |
The linked files on previous posts and also the executable and library files downloaded from main for the CPU don't trigger any warning neither with the free version of Avast neither with the last Norton Antivirus... The only warning in all cases was from MS Internet Explorer saying that the files were not commonly downloaded so it suggested to delete them, but as BOINC dont need a browser to download the files this should not be an issue... (even when the wording of the warning was really frightening LOL) |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
I have Trend Virus scan the best there is!! Never tried it. I was only talking about the false positives from their FakeAV detector. @SETIEric@qoto.org (Mastodon) |
spyregyre Send message Joined: 25 Aug 01 Posts: 3 Credit: 35,736,267 RAC: 23 |
I just had both the stable and development version trigger AVG. My question is how to turn or exception boinc from AVG. thanks. |
©2024 University of California
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.