# BOINC Ransomware Behavior



## bviperz (Apr 14, 2020)

I keep getting notifications from my anti-virus software that ransomware behavior originating from a BOINC process was blocked and that my files are safe.  Is this normal?  Any insight would be appreciated.  My anti-virus is Bitdefender Total Security.


----------



## blobster21 (Apr 14, 2020)

Is it the BOINC client specifically or the many WCG threads that triggered BitDefender ?

My own boinc.exe process sit idle most of the time with 0% CPU usage.







I have Trendmicro Internet Security running on this machine and so far i received no ransomware alerts coming from any boinc processes.


----------



## jlewis02 (Apr 14, 2020)

Mine has been ok.


----------



## xvi (Apr 15, 2020)

It has some malware-like behavior that could make some anti-virus programs nervous. By design, the projects it downloads workloads from a remote source and executes them (which is very virus-like behavior). Those workunits then load up your CPU which is, again, very virus-like. It would act very similar to a virus that is trying to use your PC to mine bitcoin/altcoins.

I would chalk it up to the anti-virus program you have being overly paranoid, but the final call is up to you.


----------



## stinger608 (Apr 15, 2020)

xvi said:


> It has some malware-like behavior that could make some anti-virus programs nervous. By design, the projects it downloads workloads from a remote source and executes them (which is very virus-like behavior). Those workunits then load up your CPU which is, again, very virus-like. It would act very similar to a virus that is trying to use your PC to mine bitcoin/altcoins.
> 
> I would chalk it up to the anti-virus program you have being overly paranoid, but the final call is up to you.



Yep, as @xvi stated here, it's most likely a false positive due to the load on CPU power.


----------



## phill (Apr 18, 2020)

I've not had any issues and used to run this at work with Trend and at home it's just the usual MS's own antivirus...


----------

