Page 1 of 1
PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 18:57
by imprecise
Hi Adminless
I have a problem, I just saw that Windows Defender detected a potentially unwanted application in me when I had just quit UnFreeZe ... I have windows 10 version 20h2
Detected: PUA: Win32/Pearfoos.A!ml
affected item: C:\ioq3v6-unfreeze-client-v20.5a\ioq3v6-intel.exe
the possible actions are: Delete / Quarantine / Authorize on the device
is it normal that Defender detects this ? What should I do ?
thank you in advance
Capture.PNG
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 19:01
by PacMan
This is adware tho , perhaps not client and you have done something else to put it in ?
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 19:06
by imprecise
@alyeti yes I know that it is an adware of which I do not know the dangerousness and the characteristics, and no I did not do absolutely nothing it came like that suddenly and for no apparent reason, hence my surprise !!!
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 19:13
by adminless
that's a false positive, try updating the windows defender database.
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 19:22
by imprecise
@Adminless Windows Defender database is already up to date
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 19:36
by imprecise
PUA: Win32/Pearfoos.A!ml removed by Defender
I just re-downloaded ioq3v6-unfreeze-client-v20.5a.zip I replaced ioq3v6-intel.exe then scan with Defender and no more PUA detected
thank you for your help
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Feb 12, 2021 19:43
by adminless
ok that's great then, I'm glad you sorted it out soon and thanks for get back with the "solution" (apparently re-download and re-install from the site, good to know).
Re: [Resolved] PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Sat Mar 13, 2021 3:12
by imprecise
hi Adminless
Windows Defender has detected me again Win32/Pearfoos.A!ml when closing ioq3v6-intel.exe (version 20.5a) and Windows Defender has apparently solved the problem by deleting the ioq3v6-intel.exe file and no longer finds a threat
I re-downloaded ioq3v6-unfreeze-client-v20.5a.zip and I took the ioq3v6-intel.exe from the package that I put back in place of the one that windows defender removed
I analyzed the new ioq3v6-intel.exe with windows defender, it does not find anything
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Thu Mar 25, 2021 2:31
by imprecise
hi Adminless
Windows Defender has detected me again Win32/Pearfoos.A!ml when closing ioq3v6-intel.exe (version 20.5a) and Windows Defender has apparently solved the problem by deleting the ioq3v6-intel.exe file and no longer finds a threat
I re-downloaded ioq3v6-unfreeze-client-v20.5a.zip and I took the ioq3v6-intel.exe from the package that I put back in place of the one that windows defender removed
I analyzed the new ioq3v6-intel.exe with windows defender, it does not find anything
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Thu Mar 25, 2021 8:50
by adminless
ok, good to know, thanks for the info. as I said antivirus solutions can be a little tricky and led to false positives specially when it comes to max settings generic Potentially Unwanted Applications (and similar rather than actual real infections) detection. very likely from what you're describing the engine probably generate some traffic and/or some memory pattern/access at some point of use that windows defender misidentifies as potentially unwanted/unusual/"unexpected" and problem is likely simply aggravated because of the fact of almost legacy/phased out software by today standards.
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Thu Mar 25, 2021 17:32
by PacMan
adminless wrote: ↑Thu Mar 25, 2021 8:50
ok, good to know, thanks for the info. as I said antivirus solutions can be a little tricky and led to false positives specially when it comes to max settings generic
Potentially
Unwanted
Applications (and similar rather than actual real infections) detection. very likely from what you're describing the engine probably generate some traffic and/or some memory pattern/access at some point of use that windows defender misidentifies as potentially unwanted/unusual/"unexpected" and problem is likely simply aggravated because of the fact of almost legacy/phased out software by today standards.
However only affects imprecise , I would say problem on that device .... Maybe
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Fri Mar 26, 2021 20:01
by imprecise
alyeti wrote
"However only affects imprecise, I would say problem on that device .... Maybe"
@yeti this is what I also said to myself but Malwarebytes does not detect anything and windows defender only occasionally detects it when I use ioq3v6-intel.exe no other application triggers this ...
Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe
Posted: Sat Mar 27, 2021 8:05
by PacMan
imprecise wrote: ↑Fri Mar 26, 2021 20:01
alyeti wrote
"However only affects imprecise, I would say problem on that device .... Maybe"
@yeti this is what I also said to myself but Malwarebytes does not detect anything and windows defender only occasionally detects it when I use ioq3v6-intel.exe no other application triggers this ...
Uninstall malwarebytes ?