Malware in downloaded Rosetta files

Message boards : Rosetta@home Science : Malware in downloaded Rosetta files

To post messages, you must log in.

AuthorMessage
thekimaus

Send message
Joined: 1 Jan 06
Posts: 3
Credit: 3,570,326
RAC: 0
Message 81208 - Posted: 22 Feb 2017, 6:11:10 UTC

Hi, I do not know how to contact anyone of the IT board, so I hope someone of the crew reads the threads here.
I've got a malware information: there have been 2 infected files within Rosetta downloads.

Process:
/Library/Application Support/BOINC Data/projects bonic.bakerlab.org_rosetta/minirosetta_3.73_x86_64-apple-darwin
file:
/Library/Application Support/BOINC Data/slots/4/boinc_minirosetta_4

Process:
/Applications/BOINCManager.app/Contents/Resources/boinc
file:
/Library/Application Support/BOINC Data/slots/4/boinc_mmap_file

ID: 81208 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile dcdc

Send message
Joined: 3 Nov 05
Posts: 1829
Credit: 114,442,195
RAC: 55,972
Message 81211 - Posted: 22 Feb 2017, 15:03:34 UTC

Can you give more info? Why do you think they are infected? I.e. what program is saying they are?

D
ID: 81211 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
thekimaus

Send message
Joined: 1 Jan 06
Posts: 3
Credit: 3,570,326
RAC: 0
Message 81212 - Posted: 22 Feb 2017, 15:23:38 UTC

Thanks for answer!
I'm running BOINC on a mac, OSX Yosemite, Version 10.10.5 (Late 2014)
with AVAST Mac Security 2016 for virus protection.
AVAST says the infection is "VBS:Malware-gen", user is boinc_master resp. boinc_project.
Since this morning AVAST has taken several files into virus container.

Does that help? AVAST does not give deeper details, sorry.

Regards,
thekimaus
ID: 81212 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Mod.Sense
Volunteer moderator

Send message
Joined: 22 Aug 06
Posts: 4018
Credit: 0
RAC: 0
Message 81219 - Posted: 24 Feb 2017, 2:13:28 UTC

It wouldn't be the first time an anti-virus application thought it saw signs of a virus in the downloads. Unfortunately, the AV vendors often take considerable time to react to reports of such false positives. In general, the simplest solution is to figure out how to whitelist bakerlab.org. If that is not possible, and you are required to run that AV application, you may not be able to run Rosetta successfully.
Rosetta Moderator: Mod.Sense
ID: 81219 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
thekimaus

Send message
Joined: 1 Jan 06
Posts: 3
Credit: 3,570,326
RAC: 0
Message 81230 - Posted: 24 Feb 2017, 19:55:46 UTC - in response to Message 81219.  

Seems that AVAST was a little bit nervous, after the actions on the day before yesterday the alarm didn't come up again.
I had not stopped Rosetta, as there have been some tasks in process and others waiting for crunching, which had not initiated any virus alarm, and new tasks downloaded afterwards are obviously accepted by AVAST.

I happily go on crunching, but thanks a lot for trying to help.
:-)
ID: 81230 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote

Message boards : Rosetta@home Science : Malware in downloaded Rosetta files



©2024 University of Washington
https://www.bakerlab.org