Hi,
I would like to know if by reinstalling BOINC, I have been running SETI@HOME since 2008, do I lose all my credits, by that I mean do I have to start from zero. The reason I have to uninstall is because I have discovered a Trojan hidden in my BOINC program on my computer. The only way I can get rid of it I think is by uninstalling BOINC and reinstalling. I have followed the path, used my antivirus and it seems to be clear but another program keeps telling me it's still there.
c:\programdata\boinc\projects\setiathome.berkeley.edu\setiathome_8.00_ win... --- tr\crypt.xpack.gen2

Windows 10
BOINC V: 7.8.3
Seti@home

Thanks,

Elrico.

Reinstalling Boinc won't have an effect on your credits. Accounts and credit records are stored by projects, not by Boinc.

It's quite possible you might be having false positives. See the 7.8.3 announcement thread in News.
http://boinc.berkeley.edu/dev/forum_thread.php?id=11932

If you're absolutely paranoid, you can wipe the entire folder. Any current work and any customizations will get wiped out. If you're using a BOINC manager like BAM, just reconnect. It's 50/50 whether BAM will pick up your computer as the same system or think it's a new one.

Alternatively, you might have be able to submit the file to your Antivirus company as a possible false positive.

Also alternatively is to download another (free) antivirus to see if it is also seeing the file(s) as infected.

~Y

Uninstalling & re-installing BOINC will not remove any files in the c:\programdata\boinc\projects\setiathome.berkeley.edu\ folder structure.
The file does not look like any of those associated with SETI@Home so it may be one that has arrived from a third party source.
You say "another program" says this file is present, but your AV says it is clear, which AV software are you using and what "other program" reports it?
I'm sure if you google the last part of the name (crypt.xpack.gen2) you will find removal instructions. It is quite probable that this Trojan will be lurking in a number of other locations on your computer, thus may take some effort to evict it permanently.

The program that reports it is called REIMAGE and my AV is ZONE ALARM, both are fully up todate.

Did a quick search on that name. Here's one set of removal info from Avira:
https://answers.avira.com/en/question/what-is-trcryptxpackgen2-6200

There's other results too although I imagine the methods will be similar.

Booting into safe/recovery mode may allow you to get rid of it as it may not be loaded in that mode.

You could also try seeing if its in the registry and deleting the entr(ies) and rebooting. Also check the task scheduler in case something is getting loaded via that route.


BTW, do you have hidden files viewable? If not and it has the hidden attribute, that could explain why you can't see it.