[FALSE-POSITIVE] Infection in found in win download GEN:Variant.Tedy.766940 and removed from system


Post by longtallmatt »

Infection found in win download by Bitdefender
deluge-2.2.0-win64-setup.exe 2025-04-29 21:27 40M
Screenshot 2025-04-30 112305.jpg

Post by ambipro »

This is definitely a false positive; you can view the source code on GitHub, and the CI/CD built/compiled everything.

Torrent software, as well as crypto and other software used for sometimes nefarious things, often triggers false positives.

I would upload this to VirusTotal if you really want to get a full view, but I can guarantee you that if you go to my thread (stickied) and verify the SHA256 against the GitHub hashes and all that, you will see that there is nothing untoward about this new release.

Even the name Gen: (Generic) Variant.Tedy is most likely a heuristic detection, which means it seems to do some sort of behavior that is ambiguous or potentially close to what another virus might do, and since most viruses use P2P to communicate these days, this isn't too surprising.

We can submit a signature to Bitdefender and get it removed pretty quickly. I'll look into this.

Other false positives are common for this: https://stackoverflow.com/questions/758 ... edy-304469

Post by ambipro »

https://www.virustotal.com/gui/file-ana ... A0NjUxMg==

https://www.virustotal.com/gui/file-ana ... A0NjUxMA==

https://www.virustotal.com/gui/file-ana ... A0NjUwOA==

https://www.virustotal.com/gui/file-ana ... A0NjUwNg==

All 4 installation files are on VirusTotal. Some of the lesser-known ones pick it up as a false positive, but as you can see, the reputable virus scanners show absolutely nothing wrong.

Post by highvoltage »

I agree, there is nothing to worry about; it's just a false positive.

Post by starjet »

When scanning the actual executable (not the installer), previously, it was only some unknown things I had never heard of that detected it as malware: https://www.virustotal.com/gui/file/7c0 ... ba96f6d28f

But after updating to 2.2.0, some commonly used ones like AVG, Avast, Symantec, and Microsoft (in fact, Windows Defender caught it) detect this as malware: https://www.virustotal.com/gui/file/e69 ... 2ec8e66389

Must say I'm very curious as to what changed with 2.2.0 that led to this change.

Post by wovag »

For info, my Bitdefender had no issues with the download or install; however, when running Deluge, the Advanced Threat Defense quarantined both 'deluge.exe' in Program Files and '.safe_state_che' in 'appdata\roaming\deluge\state\'. After adding these files to the exception list, Deluge runs fine. If I remove them from the exception list, then Bitdefender, in addition to 'deluge.exe', further quarantines 'deluge-gtk' and 'state-2025-05-03T11-13-36.tar.xz'.

I appreciate that false positives happen, but it shouldn't be creating false positives needing exception rules after every start. Whatever changed in the new version that is causing this is probably not the best solution.