Malware Found By Avira

JoeB
Topic 195205

I just received this message after an Avira virus scan: \BOINC\projects\einstein.phys.uwm.edu\einstein_S5R4_6.10_graphics_windows_intelx86.exe' contained a virus or unwanted program 'TR/GerVar.376832' [trojan]. Does anyone know if this is a false positive or a real infection?

Thanks

Joe B

Gundolf Jahn

See also
swizzor virus detected in einstein@home downloads
or
Trojan virus in application EINSTEIN_S5R3_4.26_GRAPHICS_WINDOWS_INTELX86.EXE

or do an Advanced search for "virus graphics" over a period of six months :-)

Regards,
Gundolf

Computers aren't everything in life. (Just kidding)

JoeB

Thanks for the reply. I ran the file through VirusTotal as the link http://einsteinathome.org/node/194800 suggested and the result was a mixed bag.
Is einstein_S5R4_6.10_graphics_windows_intelx86.exe used in the screen saver or is it more basic to the running of einstein work? I don't use the screen saver and will quarantine the program if that is all it does.
Thanks

Joe B

Gundolf Jahn

Message 98698 in response to message 98697

The S5R4 run is long over! The only Einstein graphics applications I have on my host are:
einstein_S5R5_3.05_graphics_windows_intelx86.exe
einstein_S5R6_3.01_graphics_windows_intelx86.exe
einsteinbinary_ABP2_3.03_graphics_windows_intelx86.exe
and I'm not sure if they're all up to date either.

Regards,
Gundolf

Computers aren't everything in life. (Just kidding)

JoeB

It is now "toast".
Thank you

Joe B

Bernd Machenschalk
Moderator
Administrator

Message 98700 in response to message 98698

Quote:
The S5R4 run is long over! The only Einstein graphics applications I have on my host are:
einstein_S5R5_3.05_graphics_windows_intelx86.exe
einstein_S5R6_3.01_graphics_windows_intelx86.exe
einsteinbinary_ABP2_3.03_graphics_windows_intelx86.exe
and I'm not sure if they're all up to date either.


einstein_S5R6_3.01_graphics_windows_intelx86.exe was and is used for S5R6, S5GCE and S5GC1. einstein_S5R5_3.05_graphics_windows_intelx86.exe is outdated and can be deleted (IIRC it's even identical to einstein_S5R6_3.01_graphics_windows_intelx86.exe).

BM


willi

got the following from norton

Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
9/15/2010 11:02 PM,High,einstein_s5gc1_3.02_windows_intelx86__s5gcesse2.exe detected by SONAR,Quarantined,Resolved - No Action

is this an e@h piece or somebody masking as you?
if you, how do i prevent this?

Bikeman (Heinz-Bernd Eggenstein)
Moderator

Message 98702 in response to message 98701

Quote:

got the following from norton

Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
9/15/2010 11:02 PM,High,einstein_s5gc1_3.02_windows_intelx86__s5gcesse2.exe detected by SONAR,Quarantined,Resolved - No Action

is this an e@h piece or somebody masking as you?
if you, how do i prevent this?

This is most likely a false positive. Still, there's always a possibility that a virus infected an E@H program AFTER it was downloaded from the E@H servers.

In cases like this, it's good to follow Jord's advice in this thread here.

Once you establish that the file is not infected, you can release it from your anti-virus software's quarantine and should then be able to continue crunching.

CU

HB
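
Added example, not part of any post in this thread and not Einstein@Home or BOINC code: one way to check the possibility raised above, that a file was altered after it was downloaded, is to compare its SHA-256 with that of a copy fetched fresh from the project on a machine you trust. The two directories and the app_*.exe names are constructed stand-ins.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path, chunk: int = 1 << 20) -> str:
    """Hash a file in chunks so large science apps are not read into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def compare_to_reference(local_dir: Path, reference_dir: Path) -> dict:
    """Classify each local .exe as 'match', 'modified' or 'no reference'."""
    result = {}
    for exe in sorted(local_dir.glob("*.exe")):
        ref = reference_dir / exe.name
        if not ref.is_file():
            result[exe.name] = "no reference"   # nothing to compare against
        elif sha256_of(exe) == sha256_of(ref):
            result[exe.name] = "match"          # unchanged since download
        else:
            result[exe.name] = "modified"       # differs from the fresh copy
    return result


def demo() -> dict:
    """Constructed sample: stand-in files, not real Einstein@Home binaries."""
    with tempfile.TemporaryDirectory() as tmp:
        local, fresh = Path(tmp, "local"), Path(tmp, "fresh")
        local.mkdir()
        fresh.mkdir()
        (fresh / "app_a.exe").write_bytes(b"MZ constructed payload A")
        (fresh / "app_b.exe").write_bytes(b"MZ constructed payload B")
        (local / "app_a.exe").write_bytes(b"MZ constructed payload A")
        (local / "app_b.exe").write_bytes(b"MZ constructed payload B + appended bytes")
        (local / "app_c.exe").write_bytes(b"MZ constructed payload C")
        return compare_to_reference(local, fresh)


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{name}: {status}")
```

A "match" only shows that the local file is byte-for-byte the copy the project serves; it does not by itself show that the project's copy is clean.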

mikey

Message 98703 in response to message 98702

Quote:
Quote:

got the following from norton

Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
9/15/2010 11:02 PM,High,einstein_s5gc1_3.02_windows_intelx86__s5gcesse2.exe detected by SONAR,Quarantined,Resolved - No Action

is this an e@h piece or somebody masking as you?
if you, how do i prevent this?

This is most likely a false positive. Still, there's always a possibility that a virus infected an E@H program AFTER it was downloaded from the E@H servers.

In cases like this, it's good to follow Jord's advice in this thread here.

Once you establish that the file is not infected, you can release it from your anti-virus software's quarantine and should then be able to continue crunching.

CU

HB

Most of us just exempt the Boinc directory from the AV scanner because it ONLY connects to the Project. And if a project started sending out a virus, holy heck would be raised and you would not be the only one having the problem!

Mike Hewson
Moderator

Message 98705 in response to (parent removed)

As noted, it is ever so improbable that E@H is the source of trouble here. From our rules and policies:

Quote:
Any time you download a program through the Internet you are taking a chance: the program might have dangerous errors, or the download server might have been hacked. Einstein@Home has made efforts to minimize these risks. We have tested our applications carefully. Our servers are behind a firewall and are configured for high security. To ensure the integrity of program downloads, all executable files are digitally signed on a secure computer not connected to the Internet.


Almost needless to say, but that's all the detail you're likely to get about that! :-)

Cheers, Mike.

I have made this letter longer than usual because I lack the time to make it shorter ...

... and my other CPU is a Ryzen 5950X :-) Blaise Pascal
