AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next

AuthorMessage
Wilson Roberto da Silva

Send message
Joined: 28 Apr 13
Posts: 1
Credit: 76,071
RAC: 0
Brazil
Message 1374216 - Posted: 31 May 2013, 12:28:45 UTC - in response to Message 1373641.  

Ok. aguardarei sem tomar nenhuma providência, pois o antivirus realmente não detectou nada, espero que possam me ajudar nesse caso.
Agradeço ao Senhor Eric.
ID: 1374216 · Report as offensive
george

Send message
Joined: 30 Oct 12
Posts: 1
Credit: 1,095,421
RAC: 0
Germany
Message 1374238 - Posted: 31 May 2013, 13:13:56 UTC

hi my Computer says he cant install cause the date libfftw3f-3-3_upx.dll is missing.
ID: 1374238 · Report as offensive
EdHew

Send message
Joined: 5 Oct 12
Posts: 1
Credit: 1,921,486
RAC: 1
Philippines
Message 1374247 - Posted: 31 May 2013, 13:26:05 UTC - in response to Message 1373641.  

AVG complained similarly when I tried to install the new BOINC production release earlier today. It gave me a choice of creating an exception for it, which I selected, and then spun for 15 hours until I killed off that process. Not sure what I have and am running now.

Suggest that whatever you come up with to alleviate the issue will be auto-downloaded for installation to replace whatever is left from today's attempt.

Thanks for your efforts!
ID: 1374247 · Report as offensive
Profile Nightfall FX
Avatar

Send message
Joined: 19 Sep 07
Posts: 1
Credit: 605,371
RAC: 0
United States
Message 1374282 - Posted: 31 May 2013, 14:10:43 UTC - in response to Message 1373641.  
Last modified: 31 May 2013, 14:11:18 UTC

Thanks! I was wondering what happened. When AVG 2013 asks for permission to allow BOINC, and you select 'allow', it will freeze up AVG to where you need to shut it down through processes.
ID: 1374282 · Report as offensive
S@NL - JBG

Send message
Joined: 26 Jan 00
Posts: 11
Credit: 14,694,950
RAC: 0
Netherlands
Message 1374355 - Posted: 31 May 2013, 15:33:22 UTC - in response to Message 1373693.  

Both downloaded, and both NO AVG message during downloading

Also NO message during a scan

Using... AVG version 2012.0.2242 with db version 3184/5871

If you're willing, could you please download http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_unpacked.exe
and scan it with your virus scanner to see if it reports a problem with the uncompressed file?

And if that checks out, try to scan a recompressed version, just to be sure. http://boinc2.ssl.berkeley.edu/beta/download/setiathome_7.00_windows_intelx86_repacked.exe


ID: 1374355 · Report as offensive
Profile VDS_TYPE_12

Send message
Joined: 27 May 01
Posts: 1
Credit: 137,283
RAC: 0
United States
Message 1374389 - Posted: 31 May 2013, 16:23:48 UTC - in response to Message 1373693.  

FYI,
Comodo Internet Security Premiuim's Comodo Antivirus doesn't report anything on the two packed and unpacked versions.

Comodo Internet Security Premiuim Version 5.12.256249.2599
Virus Signature DB Version 16350
ID: 1374389 · Report as offensive
Juice

Send message
Joined: 19 Oct 11
Posts: 1
Credit: 755,454
RAC: 0
United States
Message 1374410 - Posted: 31 May 2013, 16:55:37 UTC

"doesn't not"
ID: 1374410 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1374417 - Posted: 31 May 2013, 17:01:16 UTC

The circumstances under which the alert is triggered are becoming more clear. It seems to only happen with the "resident shield" component, and only with specific versions of AVG 2012 and AVG 2013, possibly only the paid version.

If anyone has contrary info please let me know.
@SETIEric

ID: 1374417 · Report as offensive
Babaganoosh

Send message
Joined: 11 Jan 13
Posts: 1
Credit: 326,923
RAC: 0
Canada
Message 1374422 - Posted: 31 May 2013, 17:06:33 UTC - in response to Message 1373693.  

Scanned both versions with Avast and Malwarebytes, no problem with either of them.
ID: 1374422 · Report as offensive
rob smith Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer moderator
Volunteer tester

Send message
Joined: 7 Mar 03
Posts: 20333
Credit: 416,307,556
RAC: 380
United Kingdom
Message 1374435 - Posted: 31 May 2013, 17:22:10 UTC

I had a couple of reports that I was attempting to execute a suspect program with the free version 2013.0.334, with virus db 3184/6370(30May 2013).
I chose to ignore the warnings, and the affected programs were added to the exclusions list automagically.
Bob Smith
Member of Seti PIPPS (Pluto is a Planet Protest Society)
Somewhere in the (un)known Universe?
ID: 1374435 · Report as offensive
Profile Michel448a
Volunteer tester
Avatar

Send message
Joined: 27 Oct 00
Posts: 1335
Credit: 2,970,814
RAC: 0
Canada
Message 1374490 - Posted: 31 May 2013, 19:22:32 UTC - in response to Message 1374422.  

Scanned both versions with Avast and Malwarebytes, no problem with either of them.


same
ID: 1374490 · Report as offensive
Frank Hudson

Send message
Joined: 20 May 99
Posts: 2
Credit: 5,287,950
RAC: 10
United States
Message 1374577 - Posted: 31 May 2013, 23:34:56 UTC - in response to Message 1374355.  

I tried to download the package last evening. McAfee Internet Security blocked it saying it had a virus.
ID: 1374577 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1374594 - Posted: 1 Jun 2013, 1:14:49 UTC - in response to Message 1374588.  

I haven't seen any problems. It's probably because your app_info.xml for your anonymous platform use doesn't contain any applications for setiathome v7.
@SETIEric

ID: 1374594 · Report as offensive
SockGap

Send message
Joined: 16 Apr 07
Posts: 14
Credit: 7,700,416
RAC: 0
Australia
Message 1374597 - Posted: 1 Jun 2013, 1:18:45 UTC - in response to Message 1374588.  

Hello Eric,

In a mean while I have no work the whole evening
and there is nothing coming this way.
Is there also a problem with sending new task?


Hi Blue Angel

If you're running the optimised apps then, as per Jason_Gee's post here, you'll need to do the following:
- Set No New tasks
- Wait until tasks all complete, upload & report
- delete app_info.xml from the project directory
- reset the project
- Allow New tasks

Although from what I've ready around the place there's been varying degrees of success with the above steps.

Or wait until whenever the new installers for the optimised apps are released.

Cheers
Jeff

ID: 1374597 · Report as offensive
Anibal

Send message
Joined: 29 Dec 11
Posts: 1
Credit: 47,061
RAC: 0
Nicaragua
Message 1374747 - Posted: 1 Jun 2013, 13:14:21 UTC - in response to Message 1373641.  

gracias por la informacion, es util.
ID: 1374747 · Report as offensive
Claggy
Volunteer tester

Send message
Joined: 5 Jul 99
Posts: 4654
Credit: 47,537,079
RAC: 4
United Kingdom
Message 1374750 - Posted: 1 Jun 2013, 13:27:21 UTC - in response to Message 1374748.  
Last modified: 1 Jun 2013, 13:33:51 UTC

Pierre(XP_Freak) my husband did all that, still no work
and I do the same minutes ago, put it on no task and then
ask for task again, but nothing apear over here on my computer.
Is there something more that I overlook'd maybe??

Make sure you enabled 'SETI@home v7: yes' in your project preferences, you have received Stock work, but only v6 work:

All tasks for computer 5936358

Note on the right where it says SETI@home Enhanced v6.03

Claggy
ID: 1374750 · Report as offensive
Claggy
Volunteer tester

Send message
Joined: 5 Jul 99
Posts: 4654
Credit: 47,537,079
RAC: 4
United Kingdom
Message 1374878 - Posted: 1 Jun 2013, 17:25:38 UTC - in response to Message 1374872.  
Last modified: 1 Jun 2013, 17:53:13 UTC

Pierre(XP_Freak) my husband did all that, still no work
and I do the same minutes ago, put it on no task and then
ask for task again, but nothing apear over here on my computer.
Is there something more that I overlook'd maybe??

Make sure you enabled 'SETI@home v7: yes' in your project preferences, you have received Stock work, but only v6 work:

All tasks for computer 5936358

Note on the right where it says SETI@home Enhanced v6.03

Claggy


I have the Newest v7 and my the work was all done
then XP_Freak started with the v7 and reset everything
by the way I've got 2 task's and then it stopped.


You're talking about BOINC v7, We're talking about the application Setiathome v7, NOT the same thing.

I've you don't enable Setiathome v7 in your project preferences you won't get Setiathome v7 work.

I supplied you with the link to get to the Setiathome preferences in my earlier post.

Run only the selected applications  SETI@home Enhanced: yes
                                    Astropulse v505: no
                                    SETI@home v7: yes
                                    AstroPulse v6: yes 


Claggy
ID: 1374878 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1374993 - Posted: 1 Jun 2013, 22:19:33 UTC - in response to Message 1374180.  

The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector


PUA stands for "Potentially Unwanted Application", which means that ClamAV has decided the only use for compressed executables is for "bad things". ClamAV could decompress them and scan the decompressed executable for viruses like nearly every other virus scanner does. I will suggest that to them.
@SETIEric

ID: 1374993 · Report as offensive
Richard Haselgrove Project Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 14417
Credit: 200,643,578
RAC: 874
United Kingdom
Message 1375023 - Posted: 1 Jun 2013, 23:06:17 UTC - in response to Message 1374993.  

The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector

PUA stands for "Potentially Unwanted Application", which means that ClamAV has decided the only use for compressed executables is for "bad things". ClamAV could decompress them and scan the decompressed executable for viruses like nearly every other virus scanner does. I will suggest that to them.

I was using executable compression 20+ years ago so my entire program suite would fit on a single 5.25" standard-density floppy disk.
ID: 1375023 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1378
Credit: 54,506,847
RAC: 60
United States
Message 1375036 - Posted: 1 Jun 2013, 23:18:10 UTC - in response to Message 1375023.  

Apparently ClamAV doesn't allow submission of a false detection report for PUAs because ClamAV doesn't consider PUA detections to be virus detections.


@SETIEric

ID: 1375036 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows


 
©2021 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.