Avast detected a virus threat (IDP.ALEXA.54) in my own standalone application

1.052 Ansichten (letzte 30 Tage)
Jakub Haifler
Jakub Haifler am 12 Aug. 2024
Bearbeitet: Divyam am 28 Okt. 2024 um 11:58
Hello everyone.
Recently, I have compiled my own standalone application using Matlab Compiler – let’s say it is called JHApp.exe. Then, I tried to test the functions of my JHApp.exe file occurring in the for_redistribution_files_only folder (i.e., without installation). During each very first run (with each new compiled version), a security alert is reported by Avast. I understand the antivirus is suspicious of that new executable file and I know this is quite common – this is not the major problem.
However, after several minutes of using JHApp.exe (the app makes many calculations and can create .xls, .html and .m files), I received a new, more specific alert, something like IDP.ALEXA.54 detected, and Avast moved JHApp.exe to the carantine.
Given that I have spent a lot of time coding the app and I want to share my app in a scientific community, it is very important for me that it is trustworthy and safe. May it happen that a harmful code, e.g., from an infected PC, is accidentally and unintentionally distributed together with a Matlab standalone application?
It is quite strange for me to imagine that – my PC does not seem to be infected (according to Avast), and I don’t think some harmful code can easily attack Matlab and hide in a standalone application.
Please, what do you think about that?
Thank you very much for your answers.
Best regards, Jakub Haifler

Antworten (1)

Divyam
Divyam am 28 Okt. 2024 um 11:54
Bearbeitet: Divyam am 28 Okt. 2024 um 11:58
The IDP.ALEXA.54 alert is a generic detection that can sometimes mistakenly identify legitimate software, such as newly created executables and metadata stored in the %temp% directory, as malicious.
As a precautionary measure, ensure that the code you are using for your application does not access any malicious external dependencies or scripts, and run various antivirus scans from other service providers.
Since you wish to provide access to your application to other members of the community, consider signing the application digitally using built-in Windows tools. This will authenticate your application and decrease the chances of it being flagged by antivirus services.
You can also try contacting Avast customer support and informing them about this behavior. They may analyze your executable and confirm the possibility of a false positive.
For more information regarding leveraging Windows tools for digitally signing files, refer to these links:

Kategorien

Mehr zu Application Deployment finden Sie in Help Center und File Exchange

Produkte


Version

R2023b

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by