Folding Forum

[caintry_boy]

Got up today and checked my Folding Farm out. 2 out of 6 rigs had pop-ups that a Trojan Win32:Swizzor was found in C:\FAH\FahCore_a1.exe...........
My antivirus on both of those machines is Avast4. Is this an Avast problem or is it possible that something is coming in with the core??? I cleaned both, and restarted (meaning it had to download new Core's) and on downloading new Core's Avast goes crazy!!! I can't get a new core downloaded and running.


Help please......

[MysticGold04]

See my post on this subject... no trojans. Just add the folder where the F@H files reside to the exclusions in Avast. I scanned the core with another AV, plus Spybot and Anti-Malware, no issues...

[7im]

Avast is a known offender for giving false positives. There are many such posts on this forum, and when the system is scanned again with other AV softwares, none of them turn up the same problem.

The big three AV vendors have online scans for free, try one of those to confirm.

[caintry_boy]

See my post on this subject... no trojans. Just add the folder where the F@H files reside to the exclusions in Avast. I scanned the core with another AV, plus Spybot and Anti-Malware, no issues...

Didn't work for me....still popping up with a warning.....




edit: thanks 7iM! I'm pretty sure it's a false positive, I just need to get the right info in my Avast settings so it'll quit this.
edit #2: I think I got it straightened out......

[StrategyFreak]

I got this as well; I added this to the exclusions list and it went away.

[MtM]

If you have a suspicious file and want to be sure about wether it's an actual virus or not, http://www.virustotal.com/ is a good place to go. It will scan your submitted file with a long list of known anti virus packages and will show you the complete results. This has helped me allot in the past, as some av's are indeed giving false positives, where others allowed files which my fw for instance notified me of potential security issues and they turned out to be suspicious atleast when scanned with more solutions.

Offcourse, even scanning with 20+ known virus scanner and coming up as clean doesn't mean it's 100% clean, but it's as close as it can get.

[caintry_boy]

Yup! I did that and only got two "hits", my antivirus and one other. That pretty much verified my feeling that it was an FP.

[Drewpy]

Got this too.

Tried adding the directory to the exclusions list. But it kept popping up with a Trojan warning anyways, even after restarting Avast, and multiple reboots. Software that doesn't do what I tell it to, or uses obscure methods to accomplish what I want is one of my pet peeves. Setting up a directory exclusion should be straightforward. Type in the directory, and hit OK... Apparently not the case with Avast.

My solution as of 5 minutes ago: Avira Free Personal Antivirus

Now I'm safe(r?) and folding again!

[jebo_4jc]

I can't get Avast to ignore the FAH directory either.

Caintry boy, did you really get it working?

[Goobee]

What you do is disable "on-access protection" and let the core fully download and start. Then go into Avast, browse to the "offending" file and check it and exit. Then you can restart "on-access protection" and the warnings will no longer occur.

[caintry_boy]

I can't get Avast to ignore the FAH directory either.

Caintry boy, did you really get it working?

Yes, but only after doing exactly what Goobee said in the post above this....../\




edit: Thanks Goobee!!! Thanks to everyone else too, I just wasn't adding the "Exclusion" properly.....

[Golden Dragoon]

Was having the same issue, stopping the on access protection briefly then starting up F@H seems to work, they should have sorted it out in the next avast update, I submitted the fahcore_a1.exe to them as a false positive anyway.

[toTOW]

I've seen a similar report on my team forums ... several reports about this trojan in the A1 core
If you test this core with another AV, you'll notice that there's nothing wrong with it.

Avast has always caused troubles with false positives with FAH (usually on work files), and I always advised to use Avira AntiVir instead of Avast ... (I use it on all my machines, I never faced issue with FAH and I never got any infection)

[Golden Dragoon]

I used to use AVG, until it decided to stop updating itself, even reinstalling wouldn't let it stick to its scheduled update and scan, so I got frustrated and tried avira, but it constantly bothers you to upgrade to a non free version, plus when scanning it would slow my machine to a crawl (which on a highly oc'ed quad you wouldn't expect) avast seems to run much faster, and uses next to no system resourses with it's resident scanner, this false positive is the only problem I have ever had, and it's not like it is hard to exclude the fah folder, though I do plan to take it out of the excluded folder as soon as the new definitions update comes out, as I don't like the fact that a virus could reside there but not be found.