PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

UnFreeZe/FreeFUn/glacius Game Servers forum.
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

Hi Adminless

I have a problem, I just saw that Windows Defender detected a potentially unwanted application in me when I had just quit UnFreeZe ... I have windows 10 version 20h2

Detected: PUA: Win32/Pearfoos.A!ml

affected item: C:\ioq3v6-unfreeze-client-v20.5a\ioq3v6-intel.exe

the possible actions are: Delete / Quarantine / Authorize on the device

is it normal that Defender detects this ? What should I do ?

thank you in advance
Capture.PNG
You do not have the required permissions to view the files attached to this post.
Last edited by imprecise on Thu Mar 25, 2021 2:28, edited 3 times in total.
"My ability to concentrate is so short that ... Oh a butterfly !"
PacMan
User lv5
User lv5
Posts: 1171
Joined: Sat Oct 21, 2017 16:09
in-game nick: PacMan.EZ
Location: u.k

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by PacMan »

This is adware tho , perhaps not client and you have done something else to put it in ?
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

@alyeti yes I know that it is an adware of which I do not know the dangerousness and the characteristics, and no I did not do absolutely nothing it came like that suddenly and for no apparent reason, hence my surprise !!!
"My ability to concentrate is so short that ... Oh a butterfly !"
User avatar
adminless
Site Admin
Site Admin
Posts: 5613
Joined: Thu Nov 03, 2016 19:05
in-game nick: not available
Location: Spain

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by adminless »

that's a false positive, try updating the windows defender database.
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

@Adminless Windows Defender database is already up to date
"My ability to concentrate is so short that ... Oh a butterfly !"
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

PUA: Win32/Pearfoos.A!ml removed by Defender

I just re-downloaded ioq3v6-unfreeze-client-v20.5a.zip I replaced ioq3v6-intel.exe then scan with Defender and no more PUA detected

thank you for your help
"My ability to concentrate is so short that ... Oh a butterfly !"
User avatar
adminless
Site Admin
Site Admin
Posts: 5613
Joined: Thu Nov 03, 2016 19:05
in-game nick: not available
Location: Spain

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by adminless »

ok that's great then, I'm glad you sorted it out soon and thanks for get back with the "solution" (apparently re-download and re-install from the site, good to know).
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

Re: [Resolved] PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

hi Adminless

Windows Defender has detected me again Win32/Pearfoos.A!ml when closing ioq3v6-intel.exe (version 20.5a) and Windows Defender has apparently solved the problem by deleting the ioq3v6-intel.exe file and no longer finds a threat

I re-downloaded ioq3v6-unfreeze-client-v20.5a.zip and I took the ioq3v6-intel.exe from the package that I put back in place of the one that windows defender removed

I analyzed the new ioq3v6-intel.exe with windows defender, it does not find anything
You do not have the required permissions to view the files attached to this post.
"My ability to concentrate is so short that ... Oh a butterfly !"
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

hi Adminless

Windows Defender has detected me again Win32/Pearfoos.A!ml when closing ioq3v6-intel.exe (version 20.5a) and Windows Defender has apparently solved the problem by deleting the ioq3v6-intel.exe file and no longer finds a threat

I re-downloaded ioq3v6-unfreeze-client-v20.5a.zip and I took the ioq3v6-intel.exe from the package that I put back in place of the one that windows defender removed

I analyzed the new ioq3v6-intel.exe with windows defender, it does not find anything
You do not have the required permissions to view the files attached to this post.
"My ability to concentrate is so short that ... Oh a butterfly !"
User avatar
adminless
Site Admin
Site Admin
Posts: 5613
Joined: Thu Nov 03, 2016 19:05
in-game nick: not available
Location: Spain

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by adminless »

ok, good to know, thanks for the info. as I said antivirus solutions can be a little tricky and led to false positives specially when it comes to max settings generic Potentially Unwanted Applications (and similar rather than actual real infections) detection. very likely from what you're describing the engine probably generate some traffic and/or some memory pattern/access at some point of use that windows defender misidentifies as potentially unwanted/unusual/"unexpected" and problem is likely simply aggravated because of the fact of almost legacy/phased out software by today standards.
PacMan
User lv5
User lv5
Posts: 1171
Joined: Sat Oct 21, 2017 16:09
in-game nick: PacMan.EZ
Location: u.k

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by PacMan »

adminless wrote: Thu Mar 25, 2021 8:50 ok, good to know, thanks for the info. as I said antivirus solutions can be a little tricky and led to false positives specially when it comes to max settings generic Potentially Unwanted Applications (and similar rather than actual real infections) detection. very likely from what you're describing the engine probably generate some traffic and/or some memory pattern/access at some point of use that windows defender misidentifies as potentially unwanted/unusual/"unexpected" and problem is likely simply aggravated because of the fact of almost legacy/phased out software by today standards.

However only affects imprecise , I would say problem on that device .... Maybe
User avatar
imprecise
User lv5
User lv5
Posts: 330
Joined: Mon May 04, 2020 17:30
in-game nick: imprecise
Location: France

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by imprecise »

alyeti wrote

"However only affects imprecise, I would say problem on that device .... Maybe"
@yeti this is what I also said to myself but Malwarebytes does not detect anything and windows defender only occasionally detects it when I use ioq3v6-intel.exe no other application triggers this ...
"My ability to concentrate is so short that ... Oh a butterfly !"
PacMan
User lv5
User lv5
Posts: 1171
Joined: Sat Oct 21, 2017 16:09
in-game nick: PacMan.EZ
Location: u.k

Re: PUA: Win32/Pearfoos.A!ml in ioq3v6-intel.exe

Post by PacMan »

imprecise wrote: Fri Mar 26, 2021 20:01
alyeti wrote

"However only affects imprecise, I would say problem on that device .... Maybe"
@yeti this is what I also said to myself but Malwarebytes does not detect anything and windows defender only occasionally detects it when I use ioq3v6-intel.exe no other application triggers this ...
Uninstall malwarebytes ?