Message boards : Number crunching : False positiv virus alarm? Trojan.GenericKD.2649361 found.

False positiv virus alarm? Trojan.GenericKD.2649361 found.

Post to thread Subscribe


AuthorMessage
hsdecalc

Send message
Joined: 2 Mar 15
Posts: 6
Credit: 2,662,437
RAC: 0
Message 485 - Posted: 20 Aug 2015, 10:23:49 UTC

My Bitdefender Security Virus Scanner blocked download the
../universe-xray_sources_v3_2_windows_intelx86.exe.
It´s infected by virus: Trojan.GenericKD.2649361.
Is this a false message? Normaly the scanner software works fine without false messages in the past.
ID: 485 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Krzysztof Piszczek - wspieram Polski projekt BOINC
Project administrator
Project developer
Project tester
Avatar

Send message
Joined: 4 Feb 15
Posts: 666
Credit: 89,789,965
RAC: 118
Message 486 - Posted: 20 Aug 2015, 10:49:26 UTC - in response to Message 485.  

False positive...
Krzysztof 'krzyszp' Piszczek

Member of Radioactive@Home project team
My Patreon profile
ID: 486 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Yavanius
Avatar

Send message
Joined: 13 May 15
Posts: 76
Credit: 1,911,405
RAC: 536
Message 487 - Posted: 21 Aug 2015, 7:36:21 UTC - in response to Message 485.  

Try resetting the project. I know I saw that the other day and I think I just reset the project and it cleared.
ID: 487 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
hsdecalc

Send message
Joined: 2 Mar 15
Posts: 6
Credit: 2,662,437
RAC: 0
Message 501 - Posted: 25 Aug 2015, 12:02:25 UTC - in response to Message 487.  
Last modified: 25 Aug 2015, 12:56:59 UTC

Al lot of the well-known scanner tells there is a problem. Look here:
virustotal.com
At the moment I can´t download the file.
ID: 501 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Krzysztof Piszczek - wspieram Polski projekt BOINC
Project administrator
Project developer
Project tester
Avatar

Send message
Joined: 4 Feb 15
Posts: 666
Credit: 89,789,965
RAC: 118
Message 505 - Posted: 25 Aug 2015, 18:14:42 UTC - in response to Message 501.  

I'm very curious how the engines decide that is dangerous file as it not search anything on disk, not send anything to internet (manager does) etc...
As far as I know from my practice this happened quite often with BOINC applications...
Krzysztof 'krzyszp' Piszczek

Member of Radioactive@Home project team
My Patreon profile
ID: 505 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
hsdecalc

Send message
Joined: 2 Mar 15
Posts: 6
Credit: 2,662,437
RAC: 0
Message 521 - Posted: 3 Sep 2015, 17:29:15 UTC

I sent a amessage to the lab, answer (in german):

...
unser Virenlabor hat ein Update veröffentlicht, welches das Problem behoben hat.
Sollte das Problem weiterhin bestehen, so melden Sie sich bitte erneut.
Vielen Dank


So the problem is solved (Bitdefender).
ID: 521 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Ananas

Send message
Joined: 26 Mar 15
Posts: 52
Credit: 1,737,270
RAC: 0
Message 560 - Posted: 27 Sep 2015, 5:14:28 UTC
Last modified: 27 Sep 2015, 5:20:09 UTC

Some hosts (not mine) get this message :
<message>
app_version download error: couldn't get input files:
<file_xfer_error>
  <file_name>universe-xray_sources_v3_2_windows_intelx86.exe</file_name>
  <error_code>-224 (permanent HTTP error)</error_code>
  <error_message>permanent HTTP error</error_message>
</file_xfer_error>

</message>

The file is not missing in the download directory, so this might be a result of this false virus alert I guess (?)

p.s.: the code tag doesn't do what it is supposed to,
same for pre
ID: 560 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
[AF>EDLS]zOU

Send message
Joined: 13 Sep 15
Posts: 4
Credit: 3,197,867
RAC: 0
Message 562 - Posted: 27 Sep 2015, 12:48:25 UTC

same issue with Mac Afee Viruscan Enterprise
ID: 562 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Dr Who Fan
Avatar

Send message
Joined: 20 Feb 15
Posts: 18
Credit: 725,092
RAC: 15
Message 579 - Posted: 4 Oct 2015, 8:37:47 UTC

OPEN REPLY TO ANY ONE USING ANTIVIRUS / ANTI-MALWARE SOFTWARE & BOINC:
DISABLE the REAL-TIME SCAN of ALL BOINC DIRECTORIES / FOLDERS to avoid receiving False Positive Scan Results.

ID: 579 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Ananas

Send message
Joined: 26 Mar 15
Posts: 52
Credit: 1,737,270
RAC: 0
Message 580 - Posted: 4 Oct 2015, 12:11:27 UTC - in response to Message 579.  

Those download errors I mentioned above - is it possible that the files are already rejected on a proxy server? In this case there would be hardly a chance to fix it, if the scanner on the proxy doesn't support whitelists.
ID: 580 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Krzysztof Piszczek - wspieram Polski projekt BOINC
Project administrator
Project developer
Project tester
Avatar

Send message
Joined: 4 Feb 15
Posts: 666
Credit: 89,789,965
RAC: 118
Message 759 - Posted: 18 Nov 2015, 13:36:24 UTC
Last modified: 18 Nov 2015, 13:36:37 UTC

Yesterday I have published Windows 64bit application but I see that probably it is rejected by another false positive alarm on your hosts... Can somebody confirm this for me, please?
Krzysztof 'krzyszp' Piszczek

Member of Radioactive@Home project team
My Patreon profile
ID: 759 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Post to thread

Message boards : Number crunching : False positiv virus alarm? Trojan.GenericKD.2649361 found.