AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation

To post messages, you must log in.

Previous · 1 . . . 3 · 4 · 5 · 6

AuthorMessage
Profile William Michael Johnson

Send message
Joined: 26 Apr 00
Posts: 3
Credit: 6,619,218
RAC: 0
United States
Message 1383545 - Posted: 22 Jun 2013, 2:18:51 UTC

Have done everything I know and have been told to do about this problem, but it keeps deleting my seti project. I have verified that the exception has been added to avg, etc etc etc.
I have (5) old extremes that have been running seti for the last couple of years but no longer they have been redirected to MilkyWay until I hear that AVG and Seti are fixed.
ID: 1383545 · Report as offensive
Boda

Send message
Joined: 16 Jun 00
Posts: 1
Credit: 2,931,973
RAC: 4
Luxembourg
Message 1384503 - Posted: 25 Jun 2013, 7:39:36 UTC - in response to Message 1383545.  

My AVG2013 does issue an alert against boincmgr.exe and blocks its use unless an exception is created.

It was the Identity Protection module of AVG2013 that assessed boincmgr.exe as being suspicious which leads to the question of what behaviour is that of version 7 that leads to these problems with different AV programs?
ID: 1384503 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1384656 - Posted: 25 Jun 2013, 22:20:50 UTC - in response to Message 1384503.  
Last modified: 25 Jun 2013, 22:24:43 UTC

For SETI@home 7, we compress the executables and DLLs to save on download bandwidth. AVG and a (very) few other virus scanners consider this technique, which I've been using since 1989, to be "suspicious activity". Since they have a larger customer base than SETI@home does, they don't seem inclined to change their opinion.

I doubt that compression is the issue with the BOINC executable, though. I'm guessing that AVG doesn't like programs that can start and stop system services. Although since it's the identity protection component, it could just be an aversion to numbers. BOINC uploads and downloads a lot of files with numbers in them, and the last 4 digits of your social security number or the last four digits of your credit card number are bound to be in one of them. And BOINC asks you to enter a your password at times. It might be that AVG thinks the BOINC manager is scamming you.
@SETIEric

ID: 1384656 · Report as offensive
Peter C. Watt

Send message
Joined: 2 Jul 99
Posts: 5
Credit: 4,955,922
RAC: 8
United States
Message 1386937 - Posted: 2 Jul 2013, 23:33:48 UTC

AVG reported suspicious files when I first downloaded Version 7 a few weeks ago, but BOINC ran OK until last night.

Last night, AVG not only flagged the program but disabled it. The BOINC Manager, running SETI@Home and Milkyway@Home is now "not connected to a client". When I try to activate it, Boinc advises something such as to "go into the Control Panel and turn on the Servlet for BOINC". However, the Control Panel in my Windows Vista Home Premium operating system doesn't seem to have those settings.

The BOINC Manager is completely blank in all its screens. How do I reactivate the BOINC program and the projects that I had going? I tried Windows System Restore back to a few hours before the problem, but that didn't fix it.

Any help would be appreciated. Thanks.

-PW
ID: 1386937 · Report as offensive
Bob Giel
Volunteer tester

Send message
Joined: 11 Jan 04
Posts: 76
Credit: 5,419,128
RAC: 0
United States
Message 1386943 - Posted: 3 Jul 2013, 0:07:33 UTC - in response to Message 1386937.  

Go into AVG and create an exception for the BOINC directories.
ID: 1386943 · Report as offensive
Peter C. Watt

Send message
Joined: 2 Jul 99
Posts: 5
Credit: 4,955,922
RAC: 8
United States
Message 1387119 - Posted: 3 Jul 2013, 9:03:12 UTC - in response to Message 1386943.  

OK, I created some exceptions in AVG. Hope that it was the right ones.

Had to reload the BOINC download to get things going again. So far, so good.

Never had trouble like this before. They may have Jumped The Shark with this Version 7.

Thanks.
ID: 1387119 · Report as offensive
Grant (SSSF)
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 13244
Credit: 208,696,464
RAC: 304
Australia
Message 1387120 - Posted: 3 Jul 2013, 9:07:27 UTC - in response to Message 1387119.  

Never had trouble like this before. They may have Jumped The Shark with this Version 7.

The problem is with AVG, not BOINC.

Grant
Darwin NT
ID: 1387120 · Report as offensive
Profile Cliff Harding
Volunteer tester
Avatar

Send message
Joined: 18 Aug 99
Posts: 1432
Credit: 110,967,840
RAC: 67
United States
Message 1387146 - Posted: 3 Jul 2013, 11:56:42 UTC - in response to Message 1373978.  
Last modified: 3 Jul 2013, 12:00:13 UTC

If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe
and scan it with your virus scanner to see if it reports a problem with the uncompressed file?

And if that checks out, try to scan a recompressed version, just to be sure. http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_repacked.exe


I d/l'ed these files this morning using the Total Defense Security Suite with no problems. I've been using this software for 25+ years and never had a problem. The A/V and firewall software was initially built by CA Technologies (FKA - Computer Associates) for corporate mainframes. Through demands it was ported down to PCs is the early 80's.

I've tried AVG, Tend Micro, Norton and several others and got too many false errors. Switched back and been there ever since.


I don't buy computers, I build them!!
ID: 1387146 · Report as offensive
bill

Send message
Joined: 16 Jun 99
Posts: 861
Credit: 29,352,955
RAC: 0
United States
Message 1387163 - Posted: 3 Jul 2013, 13:33:14 UTC - in response to Message 1387119.  

False positives are the cause of a broken
anti-virus program. Nothing else.
ID: 1387163 · Report as offensive
Profile Cliff Harding
Volunteer tester
Avatar

Send message
Joined: 18 Aug 99
Posts: 1432
Credit: 110,967,840
RAC: 67
United States
Message 1387196 - Posted: 3 Jul 2013, 15:25:55 UTC - in response to Message 1387163.  

False positives are the cause of a broken
anti-virus program. Nothing else.


I fully agree, which is why I use this particular software. I cannot ever remember getting any. I've seen corporations switch to Micro-Trend, AVG and others then switch back because of too many network disruptions for this very reason. I have been online from home, inside the firewall, when a company got hit and was not affected other than having to get off because the network went south only to find out it was because of a "broken anti-virus program'.


I don't buy computers, I build them!!
ID: 1387196 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15183
Credit: 4,362,181
RAC: 3
Netherlands
Message 1387389 - Posted: 3 Jul 2013, 20:28:13 UTC

For the people wondering about how to add the BOINC Data directory to their anti virus program, see http://boincwiki.mundayweb.com/index.php?title=Add_the_BOINC_Data_directory_to_the_exclusions_of_my_antivirus_program.

For those running Zone Alarm, no it's not there and it won't get there either. Zone Alarm its uninstaller ate the bootloader of the Windows VM that I used. Resulting in me having to reinstall Windows from scratch. Luckily I was using a VM, not my own Windows, but guess what? I won't try ZA anymore either. I can spend my time way better than that.
ID: 1387389 · Report as offensive
Peter C. Watt

Send message
Joined: 2 Jul 99
Posts: 5
Credit: 4,955,922
RAC: 8
United States
Message 1387567 - Posted: 4 Jul 2013, 9:30:56 UTC - in response to Message 1387120.  

Never had trouble like this before. They may have Jumped The Shark with this Version 7.

The problem is with AVG, not BOINC.


I reported the executable file path name to AVG. Maybe they will get it all sorted out.


ID: 1387567 · Report as offensive
Peter C. Watt

Send message
Joined: 2 Jul 99
Posts: 5
Credit: 4,955,922
RAC: 8
United States
Message 1387572 - Posted: 4 Jul 2013, 10:07:32 UTC - in response to Message 1387389.  
Last modified: 4 Jul 2013, 10:09:35 UTC

[quote]For the people wondering about how to add the BOINC Data directory to their anti virus program, see http://boincwiki.mundayweb.com/index.php?title=Add_the_BOINC_Data_directory_to_the_exclusions_of_my_antivirus_program.

That works. Not exactly the same sequence in AVG Internet Security 2013, but close enough.
Thank yuh verri much!
ID: 1387572 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15183
Credit: 4,362,181
RAC: 3
Netherlands
Message 1387609 - Posted: 4 Jul 2013, 13:58:25 UTC - in response to Message 1387572.  

Not exactly the same sequence in AVG Internet Security 2013, but close enough.

if I can find a trial version of that, I'll add it to the list. There's only 24 AVs missing from my list. ;-)
ID: 1387609 · Report as offensive
Profile Cornhusker

Send message
Joined: 20 Apr 09
Posts: 41
Credit: 45,415,265
RAC: 37
United States
Message 1388107 - Posted: 5 Jul 2013, 20:41:53 UTC

Using AVG Free, I got the following:

Threat: General behavioral detection
Object name: c:\ProgramData\Boinc\projects\setiathome.berkeley.edu\AP6_win_x86_SSE2_OpenCL_NV_r1843.exe
Severity: Medium
State: Secured
Identified by: Identity Protection
Date: 6/20/2013, 8:59:03 AM

Although it was complaining about the Lunatics version I wonder if it's the same problem being discussed.

NOTE: It was the Identity Protection feature that complains about the program -- not the AV scanner.
ID: 1388107 · Report as offensive
Profile Cornhusker

Send message
Joined: 20 Apr 09
Posts: 41
Credit: 45,415,265
RAC: 37
United States
Message 1388115 - Posted: 5 Jul 2013, 20:55:07 UTC

Please disregard my previous post. I didn't read the thread thoroughly enough to see that somebody finally realized it was the Identify Protection feature of AVG that was doing the complaining -- not the virus scanning features.

My bad.
ID: 1388115 · Report as offensive
Previous · 1 . . . 3 · 4 · 5 · 6

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows


 
©2021 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.