I've just started getting alerts from Avast File Shield on Mac OS informing me that it the application is infected with malware (MacOS:Ledger-B [Trj]).
I'm not sure if this is a "real infection" or a false-positive based on updated Avast data-files.
I did just re-download the official DMG file again from the Joplin website and had the same issue when I tried to copy it from the DMG to my Applications folder (an Avast threat alert pops up and it quarantines the file).
A full scan of my system with Avast shows no other issues. It looks like it's been doing this all day today if I look at the Avast quarantine logs - only for Joplin...
This is Joplin version 2.10.18 on macOS Monterey version 12.6.5.
That shows as no virus when I upload the same DMG, so I guess Avast data files must be showing it as a false positive...
A little annoying as I don't want to risk telling Avast to restore the file, on the slight off-chance there is an issue. I have submitted the file to Avast Security for analysis as a false-positive so will wait and see what they come back with.
Same on macOS Ventura 13.2.1, Apple M1, Joplin 2.10.19, Avast 15.6.0 virus definitions latest as of this timestamp.
The older Joplin 2.10.18 had already been partly overwritten so I can't even run it. So just tried re-installing 2.10.18 and also 2.10.16 and same MacOS:Ledger-B [Trj] detection. VirusTotal now gives Avast and AVG as also finding the same trojan in these DMG files. I also asked VirusTotal to re-analyze (as last analysis was 23 hours ago) - still flags just those 2 virus scanners. So likely a false-positive.
Specifically the Joplin Helper (GPU) file seems at issue.
Unfortunately I've tried adding an exception to the file, to the whole package, to the entire directory and Avast still flags it. And I can't figure out how to turn Avast off. And I need to use Joplin!
I (somewhat nervously) added Joplin as an exception in the Avast preferences and it is working normally.
How were you able to do add the exception in Avast? I added Joplin .dmg as an exception, and the directory in which it sits, and the individual file Joplin Helper (GPU) via show package contents to the exception list, but still Avast won't let me install Joplin.