AVG 2013 virus scanner false positive on SETI@home 7 for Windows

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows
Message board moderation

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next

AuthorMessage
Profile David Shanholtzer

Send message
Joined: 23 Nov 03
Posts: 2
Credit: 4,400,520
RAC: 1
Message 1375099 - Posted: 2 Jun 2013, 3:00:54 UTC - in response to Message 1373693.  

FWI Just scanned the first one. AVG v. 2012.0.2242, database v.3184/5875 (June 1, 2013) reported no virus detected.
ID: 1375099 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1375111 - Posted: 2 Jun 2013, 4:46:21 UTC - in response to Message 1375023.  

The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector

PUA stands for "Potentially Unwanted Application", which means that ClamAV has decided the only use for compressed executables is for "bad things". ClamAV could decompress them and scan the decompressed executable for viruses like nearly every other virus scanner does. I will suggest that to them.

I was using executable compression 20+ years ago so my entire program suite would fit on a single 5.25" standard-density floppy disk.

Me too. I used PKLite and LZEXE

Packers & Unpackers:
http://www.woodmann.com/crackz/Packers.htm

http://bellard.org/lzexe.html


P.S.
PUA stands for "Potentially Unwanted Application"

For those that don't know - sometimes it is called PUP (depends on the terminology of the antivirus)
PUP (Potentially Unwanted Program)
http://en.wikipedia.org/wiki/Potentially_Unwanted_Program#Grayware


Personal opinion:
I think that some antivirus vendors intentionally report anything that looks slightly suspicious
(e.g. Packers; or BOINC downloading .exe and .dll files in the background and starting/using them)
so unexperienced users are convinced "Oh, yes, MY antivirus is working, I spend my money for a good" ;)


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1375111 · Report as offensive
Jasper
Avatar

Send message
Joined: 29 Nov 11
Posts: 8
Credit: 1,026,591
RAC: 0
Switzerland
Message 1375162 - Posted: 2 Jun 2013, 7:15:56 UTC - in response to Message 1374993.  

The only 'red' is from ClamAV - PUA.Win32.Packer.UpxProtector


PUA stands for "Potentially Unwanted Application", which means that ClamAV has decided the only use for compressed executables is for "bad things". ClamAV could decompress them and scan the decompressed executable for viruses like nearly every other virus scanner does. I will suggest that to them.


Indeed. I ran ClamAV (0.97.8) after the download, nothing to report as almost usual.
ID: 1375162 · Report as offensive
Profile Larry Sugden

Send message
Joined: 19 May 11
Posts: 2
Credit: 1,403,586
RAC: 0
United States
Message 1375328 - Posted: 2 Jun 2013, 12:50:04 UTC - in response to Message 1373693.  

I am running AVG 2013 under Windows 8. I have no problems downloading the file. I do get a warning on the certificate, but still allowed to download and run the file. I did a file scan with AVG 2013 and it reported no threats.

Also, sometime yesterday while I was away from my PC my system updated to version 7 without any issues. It is running smoothly now. No problems here.

Larry Sugden
ID: 1375328 · Report as offensive
Profile GaryB

Send message
Joined: 27 May 99
Posts: 1
Credit: 11,036,890
RAC: 0
Canada
Message 1375524 - Posted: 2 Jun 2013, 19:01:08 UTC - in response to Message 1373693.  

Both files scanned with AVG Free 2013 and both passed No Problem, how do I get BOINC to resume work?

Gary B

ID: 1375524 · Report as offensive
Profile miikman

Send message
Joined: 27 Feb 06
Posts: 1
Credit: 945,606
RAC: 0
United States
Message 1375628 - Posted: 2 Jun 2013, 22:26:23 UTC

Added exception to AVG thanks for the post.
ID: 1375628 · Report as offensive
Profile Vicki
Avatar

Send message
Joined: 30 Nov 01
Posts: 65
Credit: 1,640,576
RAC: 46
New Zealand
Message 1376332 - Posted: 4 Jun 2013, 4:16:14 UTC

after avg 2013 threw a hissy at seti@home version 7 & cuda version 7; I had to reinstall bonic as it kept asking for a service file that didn't exsist. Sadly I lost a few work units due to "error in computing" but have now managed to add the exception. I think when my paid avg expires, I might have to find another antivirus / firewall program to replace it with. Suggestions of a more suitible program welcome. Both my desktop & laptop run 32 bit versions of vista.
A city destroyed by an earthquake is an opportunity to Rebuild, redeign & make it a better place to be. Better, stronger, faster like the 6 Million Dollar Man
ID: 1376332 · Report as offensive
Thomas
Volunteer tester

Send message
Joined: 9 Dec 11
Posts: 1499
Credit: 1,345,576
RAC: 0
France
Message 1376381 - Posted: 4 Jun 2013, 5:50:06 UTC - in response to Message 1376332.  

after avg 2013 threw a hissy at seti@home version 7 & cuda version 7; I had to reinstall bonic as it kept asking for a service file that didn't exsist. Sadly I lost a few work units due to "error in computing" but have now managed to add the exception. I think when my paid avg expires, I might have to find another antivirus / firewall program to replace it with. Suggestions of a more suitible program welcome. Both my desktop & laptop run 32 bit versions of vista.

Rae, read this, maybe it will help
http://setiathome.berkeley.edu/forum_thread.php?id=71773&postid=1373233#1373233
ID: 1376381 · Report as offensive
Profile Vicki
Avatar

Send message
Joined: 30 Nov 01
Posts: 65
Credit: 1,640,576
RAC: 46
New Zealand
Message 1376420 - Posted: 4 Jun 2013, 7:36:20 UTC - in response to Message 1376381.  

Hi.
Thank you for your reply. Bonic seams to be ruynning smoothly for now after the exceptions were put in place for each application <seti@home 7 + the cuda version. + astropulse 6.01.> I will keep a close eye on it when the next few work units are complete so i know if i have "solved" this hick up for now. Will post the results in a day or so when units complete.
A city destroyed by an earthquake is an opportunity to Rebuild, redeign & make it a better place to be. Better, stronger, faster like the 6 Million Dollar Man
ID: 1376420 · Report as offensive
Phil

Send message
Joined: 24 Apr 12
Posts: 10
Credit: 347,759
RAC: 0
United States
Message 1376509 - Posted: 4 Jun 2013, 12:36:14 UTC - in response to Message 1376332.  

May I suggest Microsoft Security Essentials. I have been using it for about a year and it works great. One thing I like about it is that it upgrades definitions 2 or 3 times a day.
ID: 1376509 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1376572 - Posted: 4 Jun 2013, 17:34:21 UTC - in response to Message 1376332.  

I might have to find another antivirus / firewall program to replace it with. Suggestions of a more suitable program welcome.

I use ESET NOD32 Antivirus 4 (the current version is 6 but I like the older interface)
http://www.eset.com/

http://www.eset.com/home/whyeset/compare/


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1376572 · Report as offensive
Phil

Send message
Joined: 24 Apr 12
Posts: 10
Credit: 347,759
RAC: 0
United States
Message 1376617 - Posted: 4 Jun 2013, 18:41:43 UTC - in response to Message 1376509.  

May I suggest Microsoft Security Essentials. I have been using it for about a year and it works great. One thing I like about it is that it upgrades definitions 2 or 3 times a day. It's also free.
ID: 1376617 · Report as offensive
Profile Vicki
Avatar

Send message
Joined: 30 Nov 01
Posts: 65
Credit: 1,640,576
RAC: 46
New Zealand
Message 1376743 - Posted: 4 Jun 2013, 22:24:20 UTC

Good Morning all From Christchurch, New Zealand.
Thank yhou for the suggestions for replacement Antivirus/ Fire wall Programs.

This Morning AVGs Identy Module Welcomed me Just after I Logged into windows.
If My experience is typical of the "AVG FAKE BUG", Each Application <and version of application> will require its own exception.

Here is a copy of a couple of the excetions that I have made to allow SRTI@HOME to continue to crunch the numbers.

"General behavioral detection, C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86__cuda50.exe";"Added to exceptions";"5/06/2013, 9:40:12 a.m.";"File or Directory";""

"General behavioral detection, C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86__cuda42.exe";"Added to exceptions";"4/06/2013, 3:56:12 p.m.";"File or Directory";""


At This point I am semi Tempted to turn off the Identy protection Module.
I am also reminded of a classic cartoon that Did the rounds in 1988-1990 <The days of ms-dos 3.3 & windows version 1> which featured a p[icture of Daffy Duck Holding a sledge Hammer aBove his computer while its screen displayed the message "Error - Hit Any Key To Continue"
Substitue the pc for avg 2013 paid edition & I too would be reaching for my sledge Hammer! If Laughter is the best medicine, I Hope that Helps!

Rae

A city destroyed by an earthquake is an opportunity to Rebuild, redeign & make it a better place to be. Better, stronger, faster like the 6 Million Dollar Man
ID: 1376743 · Report as offensive
Profile Bernie Vine
Volunteer moderator
Volunteer tester
Avatar

Send message
Joined: 26 May 99
Posts: 9947
Credit: 103,452,613
RAC: 328
United Kingdom
Message 1376755 - Posted: 4 Jun 2013, 22:48:49 UTC - in response to Message 1376617.  

May I suggest Microsoft Security Essentials. I have been using it for about a year and it works great. One thing I like about it is that it upgrades definitions 2 or 3 times a day. It's also free.

Whilst it is free it regularly comes last in virus detection tests and is not recommended.

Avast, Panda Cloud, Zone Alarm, Avira, Bitdefender, and AVG free editions all score higher than MSE.
ID: 1376755 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15183
Credit: 4,362,181
RAC: 3
Netherlands
Message 1376760 - Posted: 4 Jun 2013, 22:59:51 UTC - in response to Message 1376755.  
Last modified: 4 Jun 2013, 23:05:16 UTC

Now, how many viruses have you had on any of your systems lately? Chances are high that none of the above will catch them, or that you have a root kit which the free virus scanners can't completely get.

I just dropped Avira from my 2 systems as it was starting to irritate me that each time I let any of the systems resume from hibernation, first thing it was going to do was update Avira, thereby slowing the whole start-up enormously. Even while I set one of the systems to only update every 5 days and 18 hours, the other system I couldn't get off of a 6 hour update. Trying any other value than 6 hours, would constantly reset to 6 hours. That plus the over-annoying pop-ups, usually in a language not my own, nor English (I've seen French, Portuguese, Spanish, and what looked like Danish). Gone. Off.

I'll run Microsoft Security Essentials, plus Superantispyware, plus Malwarebytes Anti-malware.

If I still have trouble between those, then it just had to be. Karma. :)

PS: It did find the 300 (!!) virus infections that were present in the source code files of the Drugdiscovery project homepage web site. After cleaning everything, I ran an online scanner of Trend Micro over the same directory structure and it didn't find any further threats. Not that I allow the rest of the source code back online.... ;-)
ID: 1376760 · Report as offensive
Profile betreger Project Donor
Avatar

Send message
Joined: 29 Jun 99
Posts: 10825
Credit: 29,581,041
RAC: 66
United States
Message 1376767 - Posted: 4 Jun 2013, 23:37:21 UTC

In my limited experience MSE seems to bog down a computer less than others that I have used. As for the "tests" that show poor efficacy, I would wonder what if any commercial motives the testers have.
ID: 1376767 · Report as offensive
ph.gsc.sevilla.larry

Send message
Joined: 13 Mar 12
Posts: 5
Credit: 11,510,421
RAC: 21
Philippines
Message 1376858 - Posted: 5 Jun 2013, 5:18:50 UTC - in response to Message 1376332.  

Avast, try it...
ID: 1376858 · Report as offensive
Phil

Send message
Joined: 24 Apr 12
Posts: 10
Credit: 347,759
RAC: 0
United States
Message 1378087 - Posted: 7 Jun 2013, 15:28:43 UTC - in response to Message 1376755.  

May I suggest Microsoft Security Essentials. I have been using it for about a year and it works great. One thing I like about it is that it upgrades definitions 2 or 3 times a day. It's also free.

Whilst it is free it regularly comes last in virus detection tests and is not recommended.

Avast, Panda Cloud, Zone Alarm, Avira, Bitdefender, and AVG free editions all score higher than MSE.


Who did the scoring. What criteria was used in the process. Yes, color me a skeptic. Just the facts, Sir.
ID: 1378087 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1378183 - Posted: 7 Jun 2013, 17:55:38 UTC - in response to Message 1378087.  
Last modified: 7 Jun 2013, 18:13:15 UTC

Who did the scoring. What criteria was used in the process. Yes, color me a skeptic. Just the facts, Sir.

There are several reputable sources/organizations that test Anti-Virus Software:

http://www.av-comparatives.org/

http://www.av-test.org/en/home/

http://www.virusbtn.com/


'Real-World Protection Tests':
http://chart.av-comparatives.org/chart1.php?chart=chart2&year=2013&month=4&sort=0

And strangely Microsoft have no False Alarms:
http://chart.av-comparatives.org/chart1.php?chart=chart6&year=2013&month=3&sort=0


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1378183 · Report as offensive
Rensk

Send message
Joined: 9 May 11
Posts: 3
Credit: 720,680
RAC: 0
Switzerland
Message 1378572 - Posted: 8 Jun 2013, 13:12:40 UTC - in response to Message 1373678.  

Would need therefore that people asking us to work for them inform the producers of antivirus... Have us one gives information to, it is definitely, but not much have make nothing.

AlmereGrid is however part knack our new antiviruses do not like.
ID: 1378572 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 · 6 · Next

Message boards : News : AVG 2013 virus scanner false positive on SETI@home 7 for Windows


 
©2021 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.