I received an infection alert from my Avast AV software, advising that while contacting the server, BOINC attempted to download a file infected with malware. The connection was blocked and aborted. Here is the advisory that I received:

https://plus.google.com/+PeterCEqualityFrank/posts/DtLHFDLbRMB?pid=6152120900400253026&oid=106600597250549324874

BOINC may have done the downloading - that's its job, that's what it's designed to do.

The warning is about the file it was downloading, which appears to have been a recent update to a SETI@Home Beta application.

If you participate in a Beta testing programme, please report errors, anomalies, warnings, suggestions for improvement etc. to the project concerned - in this case, the SETI@home/AstroPulse Beta Message boards. [The image only shows part of the file name, so it isn't clear whether it was a SETI@Home application or an Astropulse application that you were testing]

Thanks. I've posted this info over there. I guess I got freaked out a little bit as I've never received such an error ever since joining SETI@home in 1999 ... and couldn't get past having received the alert to decipher which project was downloading an infected file. :/

Unfortunately, there was no way for me to see the entire path of the file, so I'm not certain what it was. I tried C&P and nothing worked to reveal the full path -- that's something I'll be bringing up with the folks from Avast, separately.

Thanks again for your help. I hope the SETI folks can figure out what's going on with their files. :/

I can't find your report at SETI Beta, but never mind. Looking at the tasks your computer has been allocated recently, I think the file must have been setiathome_7.06_windows_intelx86__opencl_intel_gpu_sah.exe.

I've run that file through virustotal, and got a few generic warnings. The Avast! engine check is reporting Win32:Malware-gen, which it is notorious for doing this with new program files (this one was first loaded for testing on 20 May 2015, and there won't be many testers with intel GPUs running it yet).

The trouble is that many BOINC project application files behave in ways very similar to malware: they run without a user interface, and they send information from your computer to the internet. Well, the BOINC client does the actual sending, but some anti-virus programs still think they're suspicious.

I would judge this to be a false alarm, but look at the whole virustotal report and decide for yourself. If you trust the SETI project to have taken all necessary precautions (and I do), then please continue with your testing. You will probably find you you have to temporarily disable Avast's internet shields while you download a fresh copy of the program, before you can process the tasks you've been allocated.

He posted it at Seti@Home - Windows Help.

---