Avast WEBforum

Other => General Topics => Topic started by: REDACTED on February 08, 2016, 08:46:28 PM

Title: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 08:46:28 PM

Is there someone that can help me with a false positive Avast is bringing up with my software.  I am loosing potential customers because of it.  I will attach the code and build.bat file so you can see compile/link switches, etc.  everything is there.  it is a small Windows "service". header files are also included.  I am attaching it as a .jpg, but it is a .zip file.  just rename it.

I reported this to Avast last year, and apparently they have not addressed the issue.

Any help would be greatly appreciated.

Mark

Title: Re: false positive with my software since October last year
Post by: Eddy on February 08, 2016, 08:53:18 PM

As what does avast detects it and at wat point ?

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 09:09:58 PM

It reports a "Win32-GenMalicious-BJZ [trj]"

and people are unable to download my software.

Title: Re: false positive with my software since October last year
Post by: Pondus on February 08, 2016, 09:15:47 PM

https://virusscan.jotti.org/en-US/filescanjob/b6i0ywe57p
https://www.metascan-online.com/#!/results/file/0b54960ec4d64b1db718754e40566b01/extracted
https://www.virustotal.com/nb/file/e48692efe4e647090c3c4007cd56f28631aaa4fc975a69139983298b868f6ba2/analysis/1454962118/


post a screenshot of the detection popup

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 09:23:54 PM

snapshot.png

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 09:27:14 PM

this one is expanded and better.

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 09:29:37 PM

Just a side note, even though I am snapshotting on Mac, the issue also exists with the Windows version of Avast.

Title: Re: false positive with my software since October last year
Post by: Pondus on February 08, 2016, 09:34:41 PM

the file detected in your screenshot is named sgpad.exe  ... the file you attached above is not, and the zip does not contain any sgpad.exe


upload the file you have problems with to www.virustotal.com  if scanned before click rescan for a fresh result
post link to scan result here

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 09:39:52 PM

here is the .jpg (.zip)  with the sgpad.exe in it. 

I will check that site again.

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 08, 2016, 09:43:41 PM

Here is virustotal.com screenshot

Title: Re: false positive with my software since October last year
Post by: Eddy on February 08, 2016, 09:44:38 PM

https://www.virustotal.com/en/file/9ca52059b4dfc9898cf3b19b2984bdb1bbb31bcf4743c2d26731ca02709554ea/analysis/1454964141/

Title: Re: false positive with my software since October last year
Post by: Pondus on February 08, 2016, 09:48:10 PM

send it to avast lab as possible false positive  >>  https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Title: Re: false positive with my software since October last year
Post by: HonzaZ on February 09, 2016, 10:03:01 AM

I have added the file to our cleanset and disabled the detection, thanks for reporting it ;)!

Title: Re: false positive with my software since October last year
Post by: REDACTED on February 09, 2016, 03:53:36 PM

Thank you so much.