Application detected as malware?

[REDACTED]

Hello,

Our company Android app, CADSYS, is being reported as a false positive by Avast. 5 other antivirus programs clears the app, only Avast marks it as malicious. We decided to pull the app immediately when this was reported. Do we need to re-publish the app for you to update Avast to pass as positive?

Our business model relies heavily on security, so this is catastrophy for us. A quick reply would be much appreciated.

Regards,

Robert

[Eddy]

https://forum.avast.com/index.php?topic=192106.msg1344230#msg1344230

[REDACTED]

Sorry, what does that link have to do with my issue? It is just another person reporting a similar issue but with other apps?

[Eddy]

There was a little problem in the latest detection database, making avast detecting a lot of apps als malicious while they are not.
That problem has been solved.

If you have the latest detection database and your app is still detected, you need to let avast know.
https://www.avast.com/false-positive-file-form.php
or
https://support.avast.com

[REDACTED]

I see. I have the latest updated database, still getting the error. Will use the link you provided to report it. Will they get back to me once it has been resolved, or will I just have to keep checking? Plus, do you know the turn around on an issue like this?

Thanks a million, Eddy.

[Eddy]

avast will not contact you unless they need/want more information.
They will just solve the problem if it is a false positive.

Often it is solved in the next database update.
It depend ofcourse how busy it is, if there is a holiday, a weekend and such.

[Ondra Cermak]

Hi, it was a false positive and is fixed by now. Tell your users to ignore the result, update the virus database of Avast Mobile Security (Settings / Updates) and then run the scan again. The correct version of virus database should be 161019-01 or newer.

Thanks and sorry for the inconvenience

Ondra

[REDACTED]

Hello Ondrej,

Definitions are updated to the version you mentioned. I uninstall the app, reinstall and Avast did not mark it as a virus. On a second Avast sweep, it said it was suspect, quoting: APK:CloudRep [susp]

How come it is ok on the first pass but not the second?

Regards, Bob

[REDACTED]

Hello Ondrej,

Never mind my last message. Was able to find out that that has to do with apps that has not had many downloads, and since it is a development build it has only a single installation, which makes sense.

https://forum.avast.com/index.php?topic=179031.0

[Eddy]

You are correct about the APK:CloudRep [susp] detection.

Little info (I put it really simple):
APK = Guess that speaks for itself

CloudRep = Cloud Reputation
In order to have a reputation, there must be a certain amount of avast users having it installed/using it.

[susp] = Suspicious
Something that isn't hardly used/installed should be (and is) considered suspicious.
Ofcourse there can be (as it is in your case) a legitimate reason for it.

The mistake that many people make is thinking this message means the app is malicious.
But basically it only says "This app is not used by many users, make sure it is trusted if you want to use it"

Good luck with the development.