Message boards :
News :
AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation
Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next
Author | Message |
---|---|
S@NL - JBG Send message Joined: 26 Jan 00 Posts: 11 Credit: 14,694,950 RAC: 0 |
Both downloaded, and both NO AVG message during downloading Also NO message during a scan Using... AVG version 2012.0.2242 with db version 3184/5871 If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe |
VDS_TYPE_12 Send message Joined: 27 May 01 Posts: 1 Credit: 137,283 RAC: 0 |
FYI, Comodo Internet Security Premiuim's Comodo Antivirus doesn't report anything on the two packed and unpacked versions. Comodo Internet Security Premiuim Version 5.12.256249.2599 Virus Signature DB Version 16350 |
Juice Send message Joined: 19 Oct 11 Posts: 1 Credit: 755,454 RAC: 0 |
"doesn't not" |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
The circumstances under which the alert is triggered are becoming more clear. It seems to only happen with the "resident shield" component, and only with specific versions of AVG 2012 and AVG 2013, possibly only the paid version. If anyone has contrary info please let me know. @SETIEric@qoto.org (Mastodon) |
Babaganoosh Send message Joined: 11 Jan 13 Posts: 1 Credit: 326,923 RAC: 0 |
Scanned both versions with Avast and Malwarebytes, no problem with either of them. |
rob smith Send message Joined: 7 Mar 03 Posts: 22613 Credit: 416,307,556 RAC: 380 |
I had a couple of reports that I was attempting to execute a suspect program with the free version 2013.0.334, with virus db 3184/6370(30May 2013). I chose to ignore the warnings, and the affected programs were added to the exclusions list automagically. Bob Smith Member of Seti PIPPS (Pluto is a Planet Protest Society) Somewhere in the (un)known Universe? |
Frank Hudson Send message Joined: 20 May 99 Posts: 2 Credit: 5,287,950 RAC: 10 |
I tried to download the package last evening. McAfee Internet Security blocked it saying it had a virus. |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
I haven't seen any problems. It's probably because your app_info.xml for your anonymous platform use doesn't contain any applications for setiathome v7. @SETIEric@qoto.org (Mastodon) |
SockGap Send message Joined: 16 Apr 07 Posts: 14 Credit: 7,700,416 RAC: 0 |
Hello Eric, Hi Blue Angel If you're running the optimised apps then, as per Jason_Gee's post here, you'll need to do the following: - Set No New tasks - Wait until tasks all complete, upload & report - delete app_info.xml from the project directory - reset the project - Allow New tasks Although from what I've ready around the place there's been varying degrees of success with the above steps. Or wait until whenever the new installers for the optimised apps are released. Cheers Jeff |
Anibal Send message Joined: 29 Dec 11 Posts: 1 Credit: 47,061 RAC: 0 |
gracias por la informacion, es util. |
Claggy Send message Joined: 5 Jul 99 Posts: 4654 Credit: 47,537,079 RAC: 4 |
Pierre(XP_Freak) my husband did all that, still no work Make sure you enabled 'SETI@home v7: yes' in your project preferences, you have received Stock work, but only v6 work: All tasks for computer 5936358 Note on the right where it says SETI@home Enhanced v6.03 Claggy |
Claggy Send message Joined: 5 Jul 99 Posts: 4654 Credit: 47,537,079 RAC: 4 |
Pierre(XP_Freak) my husband did all that, still no work You're talking about BOINC v7, We're talking about the application Setiathome v7, NOT the same thing. I've you don't enable Setiathome v7 in your project preferences you won't get Setiathome v7 work. I supplied you with the link to get to the Setiathome preferences in my earlier post. Run only the selected applications SETI@home Enhanced: yes Astropulse v505: no SETI@home v7: yes AstroPulse v6: yes Claggy |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector PUA stands for "Potentially Unwanted Application", which means that ClamAV has decided the only use for compressed executables is for "bad things". ClamAV could decompress them and scan the decompressed executable for viruses like nearly every other virus scanner does. I will suggest that to them. @SETIEric@qoto.org (Mastodon) |
Richard Haselgrove Send message Joined: 4 Jul 99 Posts: 14682 Credit: 200,643,578 RAC: 874 |
The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector I was using executable compression 20+ years ago so my entire program suite would fit on a single 5.25" standard-density floppy disk. |
Eric Korpela Send message Joined: 3 Apr 99 Posts: 1382 Credit: 54,506,847 RAC: 60 |
Apparently ClamAV doesn't allow submission of a false detection report for PUAs because ClamAV doesn't consider PUA detections to be virus detections. @SETIEric@qoto.org (Mastodon) |
David Shanholtzer Send message Joined: 23 Nov 03 Posts: 2 Credit: 4,400,520 RAC: 1 |
FWI Just scanned the first one. AVG v. 2012.0.2242, database v.3184/5875 (June 1, 2013) reported no virus detected. |
BilBg Send message Joined: 27 May 07 Posts: 3720 Credit: 9,385,827 RAC: 0 |
The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector Me too. I used PKLite and LZEXE Packers & Unpackers: http://www.woodmann.com/crackz/Packers.htm http://bellard.org/lzexe.html P.S. PUA stands for "Potentially Unwanted Application" For those that don't know - sometimes it is called PUP (depends on the terminology of the antivirus) PUP (Potentially Unwanted Program) http://en.wikipedia.org/wiki/Potentially_Unwanted_Program#Grayware Personal opinion: I think that some antivirus vendors intentionally report anything that looks slightly suspicious (e.g. Packers; or BOINC downloading .exe and .dll files in the background and starting/using them) so unexperienced users are convinced "Oh, yes, MY antivirus is working, I spend my money for a good" ;) Â - ALF - "Find out what you don't do well ..... then don't do it!" :) Â |
Jasper Send message Joined: 29 Nov 11 Posts: 8 Credit: 1,026,591 RAC: 0 |
The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector Indeed. I ran ClamAV (0.97.8) after the download, nothing to report as almost usual. |
Larry Sugden Send message Joined: 19 May 11 Posts: 2 Credit: 1,403,586 RAC: 0 |
I am running AVG 2013 under Windows 8. I have no problems downloading the file. I do get a warning on the certificate, but still allowed to download and run the file. I did a file scan with AVG 2013 and it reported no threats. Also, sometime yesterday while I was away from my PC my system updated to version 7 without any issues. It is running smoothly now. No problems here. Larry Sugden |
GaryB Send message Joined: 27 May 99 Posts: 1 Credit: 11,036,890 RAC: 0 |
Both files scanned with AVG Free 2013 and both passed No Problem, how do I get BOINC to resume work? Gary B |
©2025 University of California
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.