AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 . . . 6 · Next

AuthorMessage
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1373820 - Posted: 30 May 2013, 21:16:45 UTC - in response to Message 1373814.  
Last modified: 30 May 2013, 21:19:10 UTC

I wonder if it's only a problem when it scans the in memory copy when it is running. And if the exceptions list is based on the in memory footprint, it may be excepted. Does the original fail to scan on your AVG13?

http://boinc2.ssl.berkeley.edu/sah/download_fanout/setiathome_7.00_windows_intelx86.exe
@SETIEric

ID: 1373820 · Report as offensive
Horacio

Send message
Joined: 14 Jan 00
Posts: 536
Credit: 75,967,266
RAC: 0
Argentina
Message 1373868 - Posted: 30 May 2013, 22:42:07 UTC

The linked files on previous posts and also the executable and library files downloaded from main for the CPU don't trigger any warning neither with the free version of Avast neither with the last Norton Antivirus...

The only warning in all cases was from MS Internet Explorer saying that the files were not commonly downloaded so it suggested to delete them, but as BOINC dont need a browser to download the files this should not be an issue... (even when the wording of the warning was really frightening LOL)
ID: 1373868 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1373895 - Posted: 30 May 2013, 23:20:48 UTC - in response to Message 1373859.  

I have Trend Virus scan the best there is!!


Never tried it. I was only talking about the false positives from their FakeAV detector.
@SETIEric

ID: 1373895 · Report as offensive
spyregyre

Send message
Joined: 25 Aug 01
Posts: 3
Credit: 35,736,267
RAC: 23
United States
Message 1373905 - Posted: 30 May 2013, 23:55:17 UTC

I just had both the stable and development version trigger AVG. My question is how to turn or exception boinc from AVG.

thanks.
ID: 1373905 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1373917 - Posted: 31 May 2013, 0:27:30 UTC - in response to Message 1373905.  

If it's like 2012, open the AVG interface, select AntiVirus and then click manage exceptions. Add your BOINC/projects/setiathome.berkeley.edu directory to the list of exceptions. That directory will probably either be C:\Program Data\BOINC\projects\setiathome.berkeley.edu or C:\Users\YourUsername\Program Data\BOINC\projects\setiathome.berkeley.edu

There also may be a way to mark programs as exception from the quarrantine list, but I don't have a way to check that.
@SETIEric

ID: 1373917 · Report as offensive
john
Avatar

Send message
Joined: 18 Sep 08
Posts: 2
Credit: 3,587,642
RAC: 8
United States
Message 1373926 - Posted: 31 May 2013, 1:07:52 UTC

avg has become well known for embarassing false positives.stopped using it years ago for that and many other reasons
ID: 1373926 · Report as offensive
ph.gsc.sevilla.larry

Send message
Joined: 13 Mar 12
Posts: 5
Credit: 11,510,421
RAC: 21
Philippines
Message 1373934 - Posted: 31 May 2013, 2:00:20 UTC

Avast: No Threat Found

I had BAD experiences with AVG, years ago.
ID: 1373934 · Report as offensive
DarkStar

Send message
Joined: 31 Jan 00
Posts: 2
Credit: 26,505,931
RAC: 22
United States
Message 1373954 - Posted: 31 May 2013, 3:13:31 UTC

Resident Shield in AVG 2012 identifies boinc.exe as a virus. I have seen it only on one computer with 2012 as of yet. Log follows.
Take care!

Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 11:01:54 PM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 7:22:22 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 4:18:57 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 2:29:38 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe";"Infected";"05/30/2013, 1:41:08 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll";"Infected";"05/30/2013, 1:26:52 AM";"file";"C:\Program Files\BOINC\boinc.exe"
Virus found Win32/Heur;"c:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setigraphics_7.00_windows_intelx86.exe";"Infected";"05/30/2013, 1:25:54 AM";"file";"C:\Program Files\BOINC\boinc.exe"


ID: 1373954 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 576
Credit: 67,033,957
RAC: 95
Finland
Message 1373978 - Posted: 31 May 2013, 4:20:54 UTC - in response to Message 1373693.  

If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe
and scan it with your virus scanner to see if it reports a problem with the uncompressed file?

And if that checks out, try to scan a recompressed version, just to be sure. http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_repacked.exe


No problem with those files.
ID: 1373978 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1373980 - Posted: 31 May 2013, 4:38:17 UTC - in response to Message 1373954.  

Resident Shield in AVG 2012 identifies boinc.exe as a virus. I have seen it only on one computer with 2012 as of yet. Log follows.


Yes, that's looks like a misidentification of the UPX compression method as a virus, probably because the in-memory image doesn't match the file on disk. I've contacted AVG. Hopefully they'll respond.
@SETIEric

ID: 1373980 · Report as offensive
Profile W.B. Cheney, III

Send message
Joined: 25 Feb 01
Posts: 4
Credit: 963,190
RAC: 5
United States
Message 1373991 - Posted: 31 May 2013, 5:13:40 UTC

I have been running AGV Business Suite for 4 years and running BOINC longer than that. I have never had any problem and I am running Cosmology, Einstein, and SETI. I am using Windows 7, on a HP Pavilion m6-1045dx.
ID: 1373991 · Report as offensive
neuronics

Send message
Joined: 21 May 99
Posts: 1
Credit: 10,455,115
RAC: 0
Canada
Message 1373992 - Posted: 31 May 2013, 5:13:58 UTC

No issue here !
ID: 1373992 · Report as offensive
Profile Wiggo
Avatar

Send message
Joined: 24 Jan 00
Posts: 23379
Credit: 261,360,520
RAC: 489
Australia
Message 1374060 - Posted: 31 May 2013, 7:26:16 UTC - in response to Message 1374035.  

I've been running AVG for well over 11yrs now and I have never had this happen yet on any of my rigs (present or past) so it has me puzzled (not all that hard to do at times) as to why some do.

Cheers.
ID: 1374060 · Report as offensive
Profile ivan
Volunteer tester
Avatar

Send message
Joined: 5 Mar 01
Posts: 783
Credit: 348,560,338
RAC: 223
United Kingdom
Message 1374082 - Posted: 31 May 2013, 7:46:05 UTC - in response to Message 1374061.  
Last modified: 31 May 2013, 7:48:56 UTC

The Explorer can't find the url of download Boinc 7 for windows?
Don't get me wrong but I do need some New Work.

I'm having a similar problem at the moment, three files not downloading.
(setiathome_7.00_windows, setigraphics, and libfftw3f-3-3-_upx.dll)
[Edit] Actually, also a lot of task files showing up as Downloading in the tasks window, but making no appearance at all in the transfer window... [/e]
ID: 1374082 · Report as offensive
kittyman Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Jul 00
Posts: 51407
Credit: 1,018,363,574
RAC: 1,004
United States
Message 1374083 - Posted: 31 May 2013, 7:48:45 UTC - in response to Message 1374082.  

The Explorer can't find the url of download Boinc 7 for windows?
Don't get me wrong but I do need some New Work.

I'm having a similar problem at the moment, three files not downloading.
(setiathome_7.00_windows, setigraphics, and libfftw3f-3-3-_upx.dll)

Still going on, eh?

Give it time.

All my rigs were in the same trouble, and I went to sleep on it.

In the morning all had cleared.

In addition, Eric made an adjustment to the download servers.

See additional info in the v7 rollout thread.

Where...chuckle.....you should be posting this in the first place, not a news thread.
Excuse me if I am hard to understand at times.......I've had a difficult few lives.

ID: 1374083 · Report as offensive
Cornelis Rison

Send message
Joined: 16 Mar 02
Posts: 1
Credit: 3,510,589
RAC: 43
Germany
Message 1374141 - Posted: 31 May 2013, 9:38:50 UTC

Ive checked the files "boinc_7.0.64_windows_intelx86.exe" and "setiathome_7.00_windows_intelx86_repacked.exe" with AVG 2013. With both of them there were no problems!! ;-))
ID: 1374141 · Report as offensive
WezH
Volunteer tester

Send message
Joined: 19 Aug 99
Posts: 576
Credit: 67,033,957
RAC: 95
Finland
Message 1374152 - Posted: 31 May 2013, 9:56:07 UTC - in response to Message 1373678.  

Same problem with Avira Antivirus Free:


No problems with

Product version 13.0.0.3640 18.4.2013
Search engine 8.02.12.50 27.5.2013
Virus definition file 7.11.81.236 31.5.2013
Control Center 13.06.00.1194 7.5.2013
Config Center 13.06.00.1246 7.5.2013
Luke Filewalker 13.06.00.1262 7.5.2013
Real-Time Protection 13.06.00.778 2.4.2013
Filter 13.05.01.10 2.4.2013
Web Protection 13.06.07.1236 7.5.2013
Scheduler 13.06.00.778 2.4.2013
Updater 13.06.14.1262 7.5.2013
Rootkits Protection 13.05.01.05 2.4.2013
Local Decider 13.06.02.1262 7.5.2013
ID: 1374152 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1374180 - Posted: 31 May 2013, 10:54:37 UTC - in response to Message 1373868.  

The linked files on previous posts ... don't trigger any warning neither with the free version of Avast neither with the last Norton Antivirus...

The same 'no-problem' with ESET NOD32 Antivirus 4.2.71.2 - 32 bit
setiathome_7.00_windows_intelx86_unpacked.exe	1 670 144 
setiathome_7.00_windows_intelx86_repacked.exe	  448 512 
setiathome_7.00_windows_intelx86.exe 		  484 352 

No warning during download (using SRWare Iron - save to Desktop)
No warning from manual scan (using context menu - Scan with ESET NOD32 Antivirus ('Heuristics' + 'Advanced Heuristics' is ON as is by default))
No any warning on VirusTotal (for the 3 files - Reanalyse)

I also did scans (only for setiathome_7.00_windows_intelx86.exe) on two other sites (because they may use different sensitivity of heuristics):
http://r.virscan.org/report/ad516e9d1dbb92525bfac9b980d5a2e3.html
http://virusscan.jotti.org/en/scanresult/2a8530b92a70edc5eda8d9a1e6584441822c2719

The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1374180 · Report as offensive
Profile Ozmoses
Volunteer tester
Avatar

Send message
Joined: 9 Jun 03
Posts: 20
Credit: 31,926,513
RAC: 4
Australia
Message 1374200 - Posted: 31 May 2013, 11:32:19 UTC - in response to Message 1373641.  

I run AVG 2013 on one of my machines (win7 64 bit) and often install the Beta BOINC (whenever it is available) on it. I don't recall this occurring on the 7.0.xx or the 7.1.1 beta's for my 64 bit system.
But, the alert is timely, thank you.
ID: 1374200 · Report as offensive
Cavalary

Send message
Joined: 15 Jul 99
Posts: 104
Credit: 7,507,548
RAC: 38
Romania
Message 1374205 - Posted: 31 May 2013, 11:52:41 UTC - in response to Message 1373693.  

No issues with BitDefender on either of those two files either, and this one's quite known for false positives too.
ID: 1374205 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 . . . 6 · Next

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows


 
©2021 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.