AVG complaining

Case number:699969-994386
Topic:General
Opened by:Angus
Status:Open
Type:Suggestion
Opened on:Wednesday, January 23, 2013 - 16:01
Last modified:Sunday, June 14, 2015 - 07:59

Just a heads-up -

My latest update to AVG anti-virus (6:30 AM PST 1/23/13) complains about foldit.exe being a threat.

Hopefully this is a false positive !

(Wed, 01/23/2013 - 16:01  |  7 comments)


tamirh's picture
User offline. Last seen 4 years 22 weeks ago. Offline
Joined: 05/11/2012

We've had past instances with anti-virus software giving false positives on either the installer or foldit.exe itself. Just make sure to download the installer directly from the http://fold.it website and everything should be fine.

I've reported the false positive to AVG and I'll post again if there are any updates from them. Let us know if subsequent updates to AVG still detect foldit as a threat.

Thanks

Joined: 06/17/2010
Status: Open » Open

It is probably because of boinc part, it is sometimes claimed as malware.
IRC part can be also suspected by AVs as used in trojans.

LociOiling's picture
User offline. Last seen 1 hour 26 min ago. Offline
Joined: 12/27/2012
Groups: Beta Folders
Status: Open » Open

Norton 360 has gone insane on my Windows 8.1 desktop, warning of Trojan.Gen.SMH in foldit.exe.

The "Gen" part is for "generic": the Symantec page at http://www.symantec.com/security_response/writeup.jsp?docid=2013-041522-2144-99 says "[a] generic detection is used because it protects against many Trojans that share similar characteristics".

I'll double-check all my foldit.exe's once the current puzzle ends, but probably just a false alarm. Oddly, no such issues on my Win 7 laptop, which of course is running the same foldit.exe, and the same Norton 360.

A screenshot of Norton's "File Insight" is attached.

alcor29's picture
User offline. Last seen 6 hours 19 min ago. Offline
Joined: 11/16/2012

Today, June 3, 2015, and on 6/1/2015 my regular live Norton quarantined a high risk virus:

>>>Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
6/3/2015 6:43:18 PM,High,foldit-win_x86 (1).exe (Trojan.Gen.SMH) detected by Virus scanner,Quarantined,Resolved - No Action Required,<<<<

Since I did not open the client on 6/3, yesterday, I must now conclude that the virus is active on the website! Can this convo be forwarded to jflat or whoever is responsible for the website?

Susume remarked: "notice that the affected file is foldit-win_x86(1).exe - I believe this is not the foldit executable but the foldit installer."

NOTE: This problem was first noticed on 12/19/2014, but not again till 6/1 & 6/3/2015.

alcor29's picture
User offline. Last seen 6 hours 19 min ago. Offline
Joined: 11/16/2012

Note: Win7. Norton 360.

LociOiling's picture
User offline. Last seen 1 hour 26 min ago. Offline
Joined: 12/27/2012
Groups: Beta Folders

A little followup on the most recent anti-virus issue.

There's a 2014 version of foldit.exe, with a size of 267,264 and a date of 11/21/2014 as seen in a Win 7 command window. Internally, the build date is Wed Nov 19 20:35:39 2014. I have this version on my laptop clients, and Norton seemed fine with it during the recent incident.

On my desktop, I still had the 2012 version of foldit.exe, with a size of 221,696 and an external date of 12/18/2012. The internal timestamp on that one is Tue Dec 18 19:05:48 2012. Norton was having problems with this version.

I just tried scanning the 2012 version again on my laptop, and Norton didn't find any problems. I suspect that Norton did something to fix their virus signatures.

jeff101's picture
User offline. Last seen 1 day 1 hour ago. Offline
Joined: 04/20/2012
Groups: Go Science

On May 15, 2015, I downloaded Foldit-win_x86.exe 141MB from
a Foldit page like http://fold.it/portal/ and installed some
new clients on a Windows 8.1 machine. As each client installed,
McAfee detected a Trojan and wanted to fix it. McAfee said the
Trojan was profiler.gen.ac for each foldit.exe set up.

Do you think this was a false alarm or something I should try to fix?
What would you do to fix it?

Also, http://fold.it/portal/node/992457 says how in April 2012
my firewall on a different Windows machine blocked Foldit
so I kept getting the error message:

"couldn't connect to server: Error contacting server"

Sitemap

Developed by: UW Center for Game Science, UW Institute for Protein Design, Northeastern University, Vanderbilt University Meiler Lab, UC Davis
Supported by: DARPA, NSF, NIH, HHMI, Microsoft, Adobe, RosettaCommons