Symantec Norton AntiVirus detecting Suspicious.Swizzor in Work Units

Administrator
Joined: 25 May 07
Posts: 1
Credit: 784583
RAC: 0
Topic 194256

Has anyone had their AntiVirus product detect the work unit as Suspicious.Swizzor?
Einstein@Home tried to download new work and each time, Symantec detected Suspicious.Swizzor and took action.
This occurred on Hierarchical S5 all-sky GW search #5 3.01: h1_0868.00_S5R4__1191_S5R5a_0.

I just aborted the job. It wasn't like the download was successful, anyway, with Symantec detecting a virus in it.

Robert Deller
Joined: 30 Apr 05
Posts: 13
Credit: 437097297
RAC: 0

Symantec Norton AntiVirus detecting Suspicious.Swizzor in Work U

Quote:

Has anyone had their AntiVirus product detect the work unit as Suspicious.Swizzor?
Einstein@Home tried to download new work and each time, Symantec detected Suspicious.Swizzor and took action.
This occurred on Hierarchical S5 all-sky GW search #5 3.01: h1_0868.00_S5R4__1191_S5R5a_0.

I just aborted the job. It wasn't like the download was successful, anyway, with Symantec detecting a virus in it.

Yes...I have! See the post I made elsewhere on this Bug Report forum...

Gary Roberts
Moderator
Joined: 9 Feb 05
Posts: 5879
Credit: 118874732527
RAC: 23125139

RE: RE: Has anyone had

Message 91021 in response to message 91020

Quote:
Quote:

Has anyone had their AntiVirus product detect the work unit as Suspicious.Swizzor?
Einstein@Home tried to download new work and each time, Symantec detected Suspicious.Swizzor and took action.
This occurred on Hierarchical S5 all-sky GW search #5 3.01: h1_0868.00_S5R4__1191_S5R5a_0.

I just aborted the job. It wasn't like the download was successful, anyway, with Symantec detecting a virus in it.

Yes...I have! See the post I made elsewhere on this Bug Report forum...


I presume both of you understand that the most likely reason for this is a deficiency in your anti-virus system which results in a "false positive" detection? Hopefully you have reported this to your anti-virus provider so that they can fix their software if it really is a false positive. It is extremely unlikely that EAH data files actually do contain a virus.

In the meantime until you receive updated virus definitions, you should consider configuring your anti-virus software so as to exclude scanning the BOINC data folder and sub-folders. This should allow BOINC to continue working without unnecessary hindrance.

Cheers,
Gary.

Dagorath
Joined: 22 Apr 06
Posts: 146
Credit: 226423
RAC: 0


Message 91022 in response to message 91021

A few people have mentioned AVG is detecting Swizzor virus in ABC@home tasks this week. See the discussion at http://abcathome.com/forum_thread.php?id=431#9817.

mikey
Joined: 22 Jan 05
Posts: 12844
Credit: 1884314515
RAC: 518508

RE: RE: RE: Has anyone

Message 91023 in response to message 91021

Quote:
Quote:
Quote:

Has anyone had their AntiVirus product detect the work unit as Suspicious.Swizzor?
Einstein@Home tried to download new work and each time, Symantec detected Suspicious.Swizzor and took action.
This occurred on Hierarchical S5 all-sky GW search #5 3.01: h1_0868.00_S5R4__1191_S5R5a_0.

I just aborted the job. It wasn't like the download was successful, anyway, with Symantec detecting a virus in it.

Yes...I have! See the post I made elsewhere on this Bug Report forum...


I presume both of you understand that the most likely reason for this is a deficiency in your anti-virus system which results in a "false positive" detection? Hopefully you have reported this to your anti-virus provider so that they can fix their software if it really is a false positive. It is extremely unlikely that EAH data files actually do contain a virus.

In the meantime until you receive updated virus definitions, you should consider configuring your anti-virus software so as to exclude scanning the BOINC data folder and sub-folders. This should allow BOINC to continue working without unnecessary hindrance.

You left out the part where you said that Einstein had rescanned its files and found nothing, thereby leading you to suggest we turn off the scanning of the Boinc folder. Until you rescan your files it seems premature to suggest automatically that it is a false positive. I agree that it PROBABLY is a false positive, but I am not turning off anything until you guys say you have re-scanned the files and found nothing wrong on your end OR my anti-virus folks tell me it is their fault. Assuming is how people get problems in the first place.

Jord
Joined: 26 Jan 05
Posts: 2952
Credit: 5893653
RAC: 0


Since the tasks can't execute by themselves, any data therein that is flagged as suspicious is usually everything but suspicious. It's probably the data sequence in the files that makes the AV scanner flag it as suspicious.

Yet, if you're not sure, send it in to http://www.virustotal.com/, which will scan the same file with the following AV products:

# AhnLab (V3)
# Aladdin (eSafe)
# ALWIL (Avast! Antivirus)
# Authentium (Command Antivirus)
# AVG Technologies (AVG)
# Avira (AntiVir)
# Cat Computer Services (Quick Heal)
# ClamAV (ClamAV)
# Comodo (Comodo)
# CA Inc. (Vet)
# Doctor Web, Ltd. (DrWeb)
# Emsi Software GmbH (a-squared)
# Eset Software (ESET NOD32)
# Fortinet (Fortinet)
# FRISK Software (F-Prot)
# F-Secure (F-Secure)
# G DATA Software (GData)
# Hacksoft (The Hacker)
# Hauri (ViRobot)
# Ikarus Software (Ikarus)
# INCA Internet (nProtect)
# K7 Computing (K7AntiVirus)
# Kaspersky Lab (AVP)
# McAfee (VirusScan)
# Microsoft (Malware Protection)
# Norman (Norman Antivirus)
# Panda Security (Panda Platinum)
# PC Tools (PCTools)
# Prevx (Prevx1)
# Rising Antivirus (Rising)
# Secure Computing (SecureWeb)
# BitDefender GmbH (BitDefender)
# Sophos (SAV)
# Sunbelt Software (Antivirus)
# Symantec (Norton Antivirus)
# VirusBlokAda (VBA32)
# Trend Micro (TrendMicro)
# VirusBuster (VirusBuster)

When only your AV flags it as dangerous, you can easily assume it isn't dangerous. Of course, no AV product can guarantee 100% effectiveness on detecting and removing viruses.

I just sent one of my tasks through there, you can see the outcome of the scan here.

The scanners on this site can also scan zip files, so if you want to zip your task before admitting it, you can do so.

mikey
Joined: 22 Jan 05
Posts: 12844
Credit: 1884314515
RAC: 518508


Over at ABC someone posted that Avast has updated their signatures and all is fine again. I have updated my signatures but since my other project downloaded a ton of units I haven't started processing any yet to know when Boinc touches a unit to know if it is still reporting a problem.

mikey
Joined: 22 Jan 05
Posts: 12844
Credit: 1884314515
RAC: 518508

RE: Since the tasks can't

Message 91026 in response to message 91024

Quote:

Since the tasks can't execute by themselves, any data therein that is flagged as suspicious is usually everything but suspicious. It's probably the data sequence in the files that makes the AV scanner flag it as suspicious.

Yet, if you're not sure, send it in to http://www.virustotal.com/, which will scan the same file with the following AV products:

When only your AV flags it as dangerous, you can easily assume it isn't dangerous. Of course, no AV product can guarantee 100% effectiveness on detecting and removing viruses.


I totally agree with you but to just say, oh just ignore it, without doing any checking just seemed premature to me. I stated over on the ABC boards that I thought it was a False Positive in my original post.

Gary Roberts
Moderator
Joined: 9 Feb 05
Posts: 5879
Credit: 118874732527
RAC: 23125139

RE: You left out the part

Message 91027 in response to message 91023

Quote:
You left out the part where you said that Einstein had rescanned its files and found nothing, thereby leading you to suggest we turn off the scanning of the Boinc folder. Until you rescan your files it seems premature to suggest automatically that it is a false positive. I agree that it PROBABLY is a false positive, but I am not turning off anything until you guys say you have re-scanned the files and found nothing wrong on your end OR my anti-virus folks tell me it is their fault. Assuming is how people get problems in the first place.


Mikey,

I haven't left anything out and nor have I "assumed" anything. There is simply not the pressing need to "rescan" the files in question - the E@H data files - as you so dramatically assert. Also, you should read more carefully what was actually written. I didn't say "automatically" that it must be a false positive. I did say it was "most likely" to be that. I also said that people "should consider" turning off scanning of BOINC data folders. I chose those words to make it clear that it's an opinion that people can accept or reject as they see fit.

The files, when originally created, were protected by an MD5 checksum. If someone has subsequently "interfered" with any data file, your BOINC client would notice when it recalculated the MD5 sum and found a difference. Your BOINC client would reject the file well before any virus scanner needed to deal with it. That's why it is a reasonable course of action to advise people to consider excluding the BOINC Data tree from the list of places to scan.

Of course, these days, virtually anything is possible so I'm sure prudent staff at the project would have taken a quick look just to make sure all is as it should be. However it really serves no useful purpose to overdramatise something that is unlikely to be a problem at all.

Cheers,
Gary.
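
The checksum comparison described in the post above, as an added example that is not part of the original thread and is not BOINC's own code: it recomputes MD5 over files an anti-virus product flagged and compares each against the digest issued with the work. The file names, the `expected` mapping and the function names are assumptions made for the example.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def md5_of(path, chunk_size=1 << 16):
    """Stream the file through MD5 so large data files are not loaded whole."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def triage(data_dir, expected):
    """Classify each file the AV product flagged.

    expected: {file name: MD5 hex digest issued with the work unit}
    Returns {file name: "unchanged" | "modified" | "missing"}.
    """
    verdicts = {}
    for name, want in expected.items():
        path = Path(data_dir) / name
        if not path.is_file():
            # Quarantined or deleted by the scanner before we could look.
            verdicts[name] = "missing"
            continue
        same = hmac.compare_digest(md5_of(path), want.lower())
        verdicts[name] = "unchanged" if same else "modified"
    return verdicts


def demo():
    # Constructed sample: file names and contents are made up for the example.
    with tempfile.TemporaryDirectory() as tmp:
        good = b"constructed strain data " * 1000
        (Path(tmp) / "h1_sample_a.dat").write_bytes(good)
        # Second file differs from what was issued by one trailing byte.
        (Path(tmp) / "h1_sample_b.dat").write_bytes(good + b"\x90")
        issued = hashlib.md5(good).hexdigest()
        expected = {
            "h1_sample_a.dat": issued,
            "h1_sample_b.dat": issued,
            "h1_sample_c.dat": issued,  # never written: stands for a removed file
        }
        return triage(tmp, expected)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

A verdict of `unchanged` means the file on disk is byte-for-byte the one that was issued, which is the evidence to attach to a false-positive report to the anti-virus vendor.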

Robert Deller
Joined: 30 Apr 05
Posts: 13
Credit: 437097297
RAC: 0

RE: RE: You left out the

Message 91028 in response to message 91027

Quote:
Quote:
You left out the part where you said that Einstein had rescanned its files and found nothing, thereby leading you to suggest we turn off the scanning of the Boinc folder. Until you rescan your files it seems premature to suggest automatically that it is a false positive. I agree that it PROBABLY is a false positive, but I am not turning off anything until you guys say you have re-scanned the files and found nothing wrong on your end OR my anti-virus folks tell me it is their fault. Assuming is how people get problems in the first place.

Mikey,

I haven't left anything out and nor have I "assumed" anything. There is simply not the pressing need to "rescan" the files in question - the E@H data files - as you so dramatically assert. Also, you should read more carefully what was actually written. I didn't say "automatically" that it must be a false positive. I did say it was "most likely" to be that. I also said that people "should consider" turning off scanning of BOINC data folders. I chose those words to make it clear that it's an opinion that people can accept or reject as they see fit.

The files, when originally created, were protected by an MD5 checksum. If someone has subsequently "interfered" with any data file, your BOINC client would notice when it recalculated the MD5 sum and found a difference. Your BOINC client would reject the file well before any virus scanner needed to deal with it. That's why it is a reasonable course of action to advise people to consider excluding the BOINC Data tree from the list of places to scan.

Of course, these days, virtually anything is possible so I'm sure prudent staff at the project would have taken a quick look just to make sure all is as it should be. However it really serves no useful purpose to overdramatise something that is unlikely to be a problem at all.

Blah, blah blah! (Not intended for you specifically!)

Do you guys ever stop to consider that there are computer-inept people like myself who never had the privilege of growing up with computers in our lives, and who also are on the net and trying, in our own way, to contribute?

To a lot of us, it seems, that you probably feel we should crawl-off and die in a corner somewhere!

I think I was the first to report the problem in another thread on this board, and did that because I was frustrated and did not know what to do. When you talk tech, it has no meaning to me...most-likely you'll rejoice when the last of my generation have all passed into the ethereal blue yonder, but until that comes to be you'll just have to put up with us!

I came here seeking help...and in plain English. What I get is a lot of gobble-de-gook that I can't understand for the life of me! Therefore I have had to resort to hiring a tech-person to solve the problem, and on a weekend, of all times...

Gary Roberts
Moderator
Joined: 9 Feb 05
Posts: 5879
Credit: 118874732527
RAC: 23125139

RE: Do you guys ever stop

Message 91029 in response to message 91028

Quote:
Do you guys ever stop to consider that there are computer-inept people like myself who never had the privilege of growing up with computers in our lives, and who also are on the net and trying, in our own way, to contribute?


How can I not have considered exactly this? That is exactly what I am!

There are millions of us pre and actual baby boomers around who had well and truly completed our formal educations way before the first personal computers appeared.

Quote:
To a lot of us, it seems, that you probably feel we should crawl-off and die in a corner somewhere!

Actually, not at all, but you do need to reconsider what will happen if you continue to insult those who try to help you.

Quote:
I think I was the first to report the problem in another thread on this board, and did that because I was frustrated and did not know what to do. When you talk tech, it has no meaning to me...


Yes, you were, and you had an answer in very plain English from Ageless in less than 5 minutes from the time you posted. BTW, English is not Ageless' mother tongue but even so his answer was simple and very much to the point.

Quote:
most-likely you'll rejoice when the last of my generation have all passed into the ethereal blue yonder, but until that comes to be you'll just have to put up with us!


It'll be a bit hard to rejoice because chances are that I'll be dead too! You really do need to get rid of that chip and realise that people really don't have it in for you.

Quote:
I came here seeking help...and in plain English. What I get is a lot of gobble-de-gook that I can't understand for the life of me!


Have you reviewed Ageless' post in the other thread or my response to you in this thread?? How can you say that either response was anything but plain English? Essentially, both messages were making three points to you, which are:-

  * The message you are concerned about is most likely a "false positive".
  * This is something that can only be confirmed and fixed by your anti-virus software supplier.
  * You can stop the annoying messages and unwanted interference in BOINC's legitimate activities by preventing your anti-virus software from scanning the places on your hard disk where the BOINC data files are stored, which is a user configuration option you need to perform, if you wish.

If you didn't understand "false positive" did you try throwing "virus false positive" into google? If you didn't understand "scan BOINC data directory" did you try throwing something like "prevent antivirus scan data directory" into google? If you didn't try google - why not?

Quote:
Therefore I have had to resort to hiring a tech-person to solve the problem, and on a weekend, of all times...


With the greatest of respect, that is total codswallop.

You don't have to do anything of the sort, but you can certainly choose to of your own free will if you don't want to reconfigure your anti-virus software by yourself. At the very least you could have asked for help immediately after my first response by asking, "How do I stop scanning the BOINC data directory"? Since I don't use Symantec, I actually don't have a clue but I'd play with google and give you this response I found, which may be version dependent, but should be pretty close.

To configure exclusions for a scheduled scan from within Symantec AntiVirus
1. Start Symantec AntiVirus.
2. Click Scheduled Scans.
3. Create a new scan, or select the scan you wish to configure, and click Next twice.
4. Select the drives, folders, or files to scan.
5. In the lower-right corner, click Options.
6. Click Exclude files and folders.
7. Click Exclusions.
8. Click Files/Folders to create the exclusions.
9. Exclude all necessary folders by clicking once in the empty box to the left of each directory.

Actually, on second thoughts, I'd probably just tell you to google for the instructions.

PS: The word "directory" is the original Unix term for a file that contains (the storage details of) other ordinary files. "Folder" is the Microsoft equivalent term. The two terms mean exactly the same. Even Symantec used both in their instructions.

PS2: The world really isn't out to get you, embarrass you, or make you feel totally inadequate. Each of us is perfectly capable of doing that to ourselves without any help from the world (who really couldn't care less anyway).

PS3: Your motto for each day should be to throw a single gobble-de-gook term into google and keep exploring the links returned until it all becomes clear. At the end of a year you'll have rid your world of 365.25 (and a bit) gobble-de-gook terms and you'll be able to feel very superior about this :-).

Good luck with your de-gobbledegooking crusade.

Cheers,
Gary.
