New boinc manager and AVG

boboviz
Help desk expert

Joined: 12 Feb 11
Posts: 410
Italy
Message 105790 - Posted: 18 Oct 2021, 9:27:42 UTC

At the end of 7.16.20 installation, my AVG antivirus said that "boinc.scr" is infected by IPD.Generic.
I created an exception for this, but it's not a good message to see.
ID: 105790 · Report as offensive
Richard Haselgrove
Volunteer tester
Help desk expert

Joined: 5 Oct 06
Posts: 5077
United Kingdom
Message 105791 - Posted: 18 Oct 2021, 10:14:22 UTC - in response to Message 105790.  

It's a very common observation after the release of a new computer program. Modern anti-virus programs do far more than scan the files stored on your hard disk for known threats. They commonly also include behavioral analysis, which the boinc client (in particular) can trigger: the boinc client doesn't have a visible screen display, uses your computer at high power, and communicates extensively over the internet. All very suspicious!

The other thing that AV programs can do is check their company's database of known programs and their reputation. New programs don't yet have a reputation, and haven't been through a full evaluation in the AV company's labs. So they can panic: the fuss usually dies down in a few days.

It's slightly unusual to see such a report on the screensaver module within boinc: that will have changed little, if at all, in the new release, and it doesn't exhibit the same suspicious behaviour as the client. But the general advice with an unexpected warning like this is to check the offending file(s) with a service like virustotal, which can compare the reports on an uploaded file from a range of independent anti-virus products.
ID: 105791 · Report as offensive
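The cross-check suggested in the post above, as an added example that is not part of the original thread: hash the flagged file locally, then summarise a multi-engine report to see whether the detection is an isolated generic label. The report is a constructed sample in the shape of a VirusTotal API v3 file report; the engine names other than AVG, the marker list and the threshold are assumptions.

```python
import hashlib

# Categories VirusTotal assigns to engines that actually returned a verdict.
VERDICTS = {"malicious", "suspicious", "undetected", "harmless"}
# Assumption: substrings marking a heuristic/generic label, not a named family.
GENERIC_MARKERS = ("generic", "heur", "susp")
# Assumption: at most this many flagging engines still counts as "isolated".
ISOLATED_MAX = 2

def sha256_of(path, chunk=1 << 20):
    """Hash the file in chunks so its report can be looked up by hash."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def triage(report):
    """Summarise which engines flagged the file and how specific the labels are."""
    results = report["data"]["attributes"]["last_analysis_results"]
    # Engines that timed out or do not support the file type are not votes.
    scanned = {e: r for e, r in results.items() if r["category"] in VERDICTS}
    hits = {e: r.get("result") or "" for e, r in scanned.items()
            if r["category"] in ("malicious", "suspicious")}
    generic = all(any(m in label.lower() for m in GENERIC_MARKERS)
                  for label in hits.values())
    if not hits:
        verdict = "no detections"
    elif len(hits) <= ISOLATED_MAX and generic:
        verdict = "isolated generic detection"
    else:
        verdict = "investigate"
    return {"flagged_by": sorted(hits), "scanned": len(scanned), "verdict": verdict}

# Constructed sample: one engine reports the label from the thread, the rest do not.
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_results": {
    "AVG": {"category": "malicious", "result": "IPD.Generic"},
    "EngineB": {"category": "undetected", "result": None},
    "EngineC": {"category": "undetected", "result": None},
    "EngineD": {"category": "timeout", "result": None},
}}}}

if __name__ == "__main__":
    print(triage(SAMPLE_REPORT))
```

An "isolated generic detection" result only says the report is consistent with a heuristic hit from one vendor; comparing the local hash with the one for the official download is a separate check.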
Dave
Help desk expert

Joined: 28 Jun 10
Posts: 2516
United Kingdom
Message 105792 - Posted: 18 Oct 2021, 11:37:15 UTC

This has reminded me to install clamav on my Linux box. Haven't done any checks since I got the Ryzen machine. In fact, the old logs from my home directory that was copied across don't show a scan since 2017, when a couple of emails with dodgy attachments came in (my reason for installing it then). The suspicious files were indeed dodgy but only capable of infecting Windows computers and, given the suspicious nature of them, were unlikely to be forwarded by me to anyone else.
ID: 105792 · Report as offensive
Dave
Help desk expert

Joined: 28 Jun 10
Posts: 2516
United Kingdom
Message 105794 - Posted: 18 Oct 2021, 13:02:05 UTC - in response to Message 105791.  

And nothing in my WINE installation of 7.16.20 showing up, though a number of other things did, mostly in my Firefox cache, that are harmless to Windows, never mind a Linux distro.
ID: 105794 · Report as offensive
boboviz
Help desk expert

Joined: 12 Feb 11
Posts: 410
Italy
Message 105796 - Posted: 18 Oct 2021, 13:52:01 UTC - in response to Message 105791.  

The other thing that AV programs can do is check their company's database of known programs and their reputation. New programs don't yet have a reputation, and haven't been through a full evaluation in the AV company's labs. So they can panic: the fuss usually dies down in a few days.


I know it's a false positive, but it's annoying for a first-time user.
ID: 105796 · Report as offensive
Jord
Volunteer tester
Help desk expert
Joined: 29 Aug 05
Posts: 15477
Netherlands
Message 105797 - Posted: 18 Oct 2021, 13:55:15 UTC - in response to Message 105796.  

There's exactly nothing we can do about it, as it's AVG that throws the warning. So if you have to ask someone to fix it, it's them.
ID: 105797 · Report as offensive

Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.