Sign In
Register
Avast Antivirus is flagging 7.0a as infected with IDP.Generic
From what I can find, this just means that it is flagged as some sort of P2P software - so all it is telling me is that the software is functioning as intended - and it isn't an actual virus / trojan.
Can anyone else clarify?
I've never had anything pop up from the antivirus with any previous emule versions I've installed.
Page 1 of 1
Avast Antivirus Flagging 7.0a As Infected
Back to top
Reply
#2
- Golden eMule
-
- Group: Members
- Posts: 4974
- Joined: 13-May 07
Posted 18 October 2023 - 10:10 AM
False positive; it happens randomly. The best strategy is to inform the antivirus maker and request to fix their malware detector.
#3
- Newbie
-
- Group: Members
- Posts: 13
- Joined: 19-December 22
Posted 18 October 2023 - 01:04 PM
fox88, on 18 October 2023 - 11:10 AM, said:
False positive; it happens randomly. The best strategy is to inform the antivirus maker and request to fix their malware detector.
Thanks for the suggestion - will look into how I can let them know this.
#4
- Advanced Member
-
- Group: Members
- Posts: 50
- Joined: 17-March 08
Posted 21 October 2023 - 11:10 PM
Antiviruses usually have one over-sensitive category that can be turned on or off by the user. Windows Defender calls it "PUA" potentially unwanted software, Kaspersky has "stalkerware". Unless you want to run your own computer clean as a sensitive workplace you can just turn it off.
#5
- Newbie
-
- Group: Members
- Posts: 3
- Joined: 06-October 20
Posted 26 October 2023 - 04:01 AM
I just analyzed the eMule v0.70a community that I downloaded from GitHub with the recently updated* Avira antivirus and there is no warning
And I do not have the Potential Unwanted Applications (PUA) box disabled, I have tried to analyze eMule by activating the Fraudulent software box but there is no warning either
If you still get the warning, try deactivating those boxes, they are in the following route: Avira Settings --> SECURITY --> Protection options --> Threat categories
*Version Avira 1.1.95.7, SDK Version 1.0.2310.1254, VDF Version 8.20.11.22
And I do not have the Potential Unwanted Applications (PUA) box disabled, I have tried to analyze eMule by activating the Fraudulent software box but there is no warning either
If you still get the warning, try deactivating those boxes, they are in the following route: Avira Settings --> SECURITY --> Protection options --> Threat categories
*Version Avira 1.1.95.7, SDK Version 1.0.2310.1254, VDF Version 8.20.11.22
#6
- Splendid Member
-
- Group: Members
- Posts: 161
- Joined: 20-March 04
Posted 02 November 2023 - 09:56 AM
gonzifp, on 26 October 2023 - 02:01 PM, said:
I just analyzed the eMule v0.70a community that I downloaded from GitHub with the recently updated* Avira antivirus and there is no warning
And I do not have the Potential Unwanted Applications (PUA) box disabled, I have tried to analyze eMule by activating the Fraudulent software box but there is no warning either
If you still get the warning, try deactivating those boxes, they are in the following route: Avira Settings --> SECURITY --> Protection options --> Threat categories
*Version Avira 1.1.95.7, SDK Version 1.0.2310.1254, VDF Version 8.20.11.22
And I do not have the Potential Unwanted Applications (PUA) box disabled, I have tried to analyze eMule by activating the Fraudulent software box but there is no warning either
If you still get the warning, try deactivating those boxes, they are in the following route: Avira Settings --> SECURITY --> Protection options --> Threat categories
*Version Avira 1.1.95.7, SDK Version 1.0.2310.1254, VDF Version 8.20.11.22
Submit your flagged file for analysis and they will update their signature patterns if necessary. As a developer, I have had this problem a few times over the years with some anti-virus products and the vendors were very rapid with their response and updated their signature files to stop detecting my files as suspect - it is in their own interest to keep customers confident in their product.
Consider: You *MAY* have an infected version, and it has detected it, as designed.
Turning off anti-virus recognition is just inviting strife - fix the underlying problem (false detections) rather than bypass them.
For a very substantive confirmation, submit the file to VirusTotal, where it will analyse it against a number of leading anti-virus products. If a a majority of them flag it as suspect, take it as suspect. If only Avira fags it as suspect, then it is most likely not infected.
Hint for young players. Never, ever have multiple anti-virus products running on your computer. They will stumble over each other and slow your system down considerably. Keep the free version of MalwareBytes as a second defence toolkit to your anti-virus software - it is anti-malware and not anti-virus software, and will pick up a lot of the trash that can be a danger when using peer-to-peer software such as eMule over the internet to download from unknown strangers. Not everybody has your best interests at heart.
This post has been edited by emule_user_downunder: 02 November 2023 - 09:58 AM
#7
- Advanced Member
-
- Group: Members
- Posts: 92
- Joined: 21-February 05
Posted 02 November 2023 - 07:26 PM
As well as PUA, there's also files that have a low reputation, which simply means it hasn't been seen much and the A/V
hasn't put it on it's whitelist.
Most AV's do this, but you can turn off this behaviour if you're confident and you understand what you're doing
hasn't put it on it's whitelist.
Most AV's do this, but you can turn off this behaviour if you're confident and you understand what you're doing
Page 1 of 1
