Hello,
I downloaded the Zoiper software as it is required for my job when working from home. However, when I tried to run the program, an Avast notification appeared saying that Zoiper was blocked and put in the Virus Chest, because the IDP.Generic virus was detected.
In an old post in a forum for a different antivirus program, someone seems to have had a similar issue with Zoiper. But somehow it was resolved, although I’m not sure I understand how. I also am not sure if that case would relate to mine, especially as that old post is from 2013.
Is there someone who can advise me about this issue? Is there a way for someone to verify in a safe way whether or not the software is safe to use? I do need it for work.
In searching for info online about IDP.Generic, I see that it appears that there have been many issues about false-positives and this particular warning, often relating to telecommuting software, apparently.
I would greatly appreciate any help with this problem. I am letting the company which sent me the software download link know about it, but I’m not sure if they will be able to resolve it soon.
VT says safe. McAfee removed detection back in 2013. Interestingly, Sophos didn’t like it. Website scans came back clean. Generic detection, you’re likely fine honestly. Wait for Milos or another Avast! Employee to roll around though.
Retire.js flags retirable jQuery code:
jquery 3.2.1.min Found in -https://www.zoiper.com/v3/js/jquery-3.2.1.min.js?fd640b23
Vulnerability info:
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution
Security on download link: hxtps://www.zoiper.com/en/voip-softphone/download/current
with http security headers, page meta security headers & form autocomplete setting issues (RECX scan info)
Thank you so much for your advice, Michael(alan1998) and Polonus. The specific name of the file, as I took another look at it, is Zoiper_for_G1_Research_Windows_v3.60.exe. It is the free version of Zoiper, but I think that with the link that the company provided to me, they were able to make it specifically for G1 Research.
As I’m not a full employee of the company, I’m not 100% certain about them, and I’m somewhat worried about whether they might hold it against me if I question the safety of the software.
But your help so far is reassuring, and I hope that it is harmless. Thank you so much for taking time to help me with this!
the detection is generic and it can detect unknown files.
Could you provide us the file via our FTP ftp://ftp.avast.com/incoming or share the virustotal link to it? Otherwise we aren’t able to analyze it on our side with provided info correctly.
Thank you again Michael(alan1998) and PDI for all of your help!
Also, the day before yesterday, I had called Avast Tech Support, and in the process of checking my computer remotely, the agent installed the program. But I have now uninstalled it, because I think the program or something related to the program may have been causing my computer to overheat.
As you can see from the VT scan results, it says there: Signature Info
Signature Verification
File is not signed
Very important info for av scanning engines to avoid False Positives, certainly with part of such unsigned files,
that then could kick up generic detections, later found to be False Positive detections.
Thank you so much for pointing this out to me, I hadn’t realized what it meant that the file is not signed, and that the detection was probably due to a false positive which is reassuring to know. I really appreciate your help!!