+- Dolphin, the GameCube and Wii emulator - Forums (https://forums.dolphin-emu.org)
+-- Forum: Dolphin Emulator Discussion and Support (https://forums.dolphin-emu.org/Forum-dolphin-emulator-discussion-and-support)
+--- Forum: Support (https://forums.dolphin-emu.org/Forum-support)
+--- Thread: Trojan "idp.ares.generic" in 5.0-9939 (/Thread-trojan-idp-ares-generic-in-5-0-9939)
Pages:
1
2
Trojan "idp.ares.generic" in 5.0-9939 - CrazyStar5555 - 04-12-2019
Hey just a heads up. Avast pointed the dolphin64.exe as having a this type of malware in it, and as something that never happened before, figured it was worth pointing it out.
Not sure if it is a mistake so can someone reliably check it please?
RE: Trojan "idp.ares.generic" in 5.0-9939 - Billiard26 - 04-12-2019
As far as I know we don't distribute a file called Dolphin64.exe. From where did you download it?
RE: Trojan "idp.ares.generic" in 5.0-9939 - Helios - 04-12-2019
Don't download Dolphin from places other than dolphin-emu.org
RE: Trojan "idp.ares.generic" in 5.0-9939 - JosJuice - 04-12-2019
Reopening the thread. We don't know for sure if they downloaded it from somewhere else, maybe they just misstated the name of the executable.
RE: Trojan "idp.ares.generic" in 5.0-9939 - trihy - 04-12-2019
There is a 9939 compiled build on emucr. Maybe someone want to check it.
RE: Trojan "idp.ares.generic" in 5.0-9939 - CrazyStar5555 - 04-12-2019
(04-12-2019, 01:23 AM)Billiard26 Wrote: As far as I know we don't distribute a file called Dolphin64.exe. From where did you download it?
Sorry I meant simply Dolphin.exe
I did get it from the main site, downloaded a previous version from around 2 days ago and it was fine. This was an odd occasion and since the last post here was before this new one got released I figured I'd warn people.
The executable is sitting in the quarantine and since i'm very scared of things like this I don't want to mess with it.
RE: Trojan "idp.ares.generic" in 5.0-9939 - JMC47 - 04-12-2019
It's just a false positive. Dolphin does a lot of things that virus scanner's heuristics pick up as bad behavior when we legitimately have a reason for it. Send them a sample and they'll remove the quarantine. If you download a newer build it's not likely to hit their heuristic either though.
RE: Trojan "idp.ares.generic" in 5.0-9939 - JosJuice - 04-12-2019
(04-12-2019, 10:20 AM)JMC47 Wrote: It's just a false positive. Dolphin does a lot of things that virus scanner's heuristics pick up as bad behavior when we legitimately have a reason for it.
I don't think we do all that much that virus scanners would dislike... It's probably just the automatic updater again.
RE: Trojan "idp.ares.generic" in 5.0-9939 - Helios - 04-12-2019
yep. AV systems hate self contained updaters as it's literally the same thing that malware often does.
RE: Trojan "idp.ares.generic" in 5.0-9939 - CrazyStar5555 - 04-13-2019
Well that does clarify things. Sounds to be just that then, a false positive, likely since that version modified the updater and av picked up as having bad behavior, and since no one else experienced anything too weird i think it's ok.
Thanks for the help and clarification everyone.