False Positive

[REDACTED]

Hello Everyone.
I've been using Avast Free for over 2 years.
Several years ago I purchased the programs of this developer:
http://soft4boost.com/

Today in the morning I tried to update some of them. However, I was unpleasantly surprised: Avast alarms that the file is infection: FileRepMalware. I sent it to your virus laboratory and from there it came the answer that the file is really infected. I wrote to the developers and they told me that this is a false positive. I sent one of their programs to viristotal.com and received the following report:
https://www.virustotal.com/#/file/cff8981c1c60e43b48b94c857d6a2f15e5ac13ca45ff59a55daeded412666bd2/detection

It looks like it really is. I'm at a loss - I'm really used to using these programs and the Avast antivirus. What should I do?

[Pondus]

As the text under this forum section Name say > No virus or FP here

Use Viruses and Worms section.
In sticky post at top there you find how to report instructions

[bob3160]

Submitting files from the Virus Chest to Avast Virus Lab
https://www.avast.com/faq.php?article=AVKB21#idt_07

[nalo89]

I had the same problem with Avast Free reading a number of Nirsoft files in the Nirsoft Launcher as being pup's and malware etc.I opened the Behaviour shield and excluded the self run folder and content being read and also used the global exclusion facility. I was still getting files being seen as false positives and opening the virus chest saw that Avast in Appdata/Roaming was the cause so I excluded it also from reading and then went back to the Virus Chest and restored all the affected Nirsoft files.

[REDACTED]

As the text under this forum section Name say > No virus or FP here

Use Viruses and Worms section.
In sticky post at top there you find how to report instructions

Sorry.
I don't know how move topic to another section, so I created the new one:
https://forum.avast.com/index.php?topic=211108.0

[Milos]

Hello,
digital signature was used for signing SW, which is on the deceptor list: https://customer.appesteem.com/deceptors

Milos

[REDACTED]

Thank you for a link, Milos.

I see the reason: "The application exaggerates the number of invalid registry keys, lists the normal browser extensions as problems, browser history and junk files as problems. The overall exaggerated scanning result leads misleading urgency for user to take action fixing the problems."

I do not agree with this point, so I've been using this application successfully for a year and a half. In any case, I hope that the guys from Soft4Boost will be able to solve this problem.

I'm wondering why avast on this basis issues alarm report about a completely different program?
https://www.virustotal.com/#/file/cff8981c1c60e43b48b94c857d6a2f15e5ac13ca45ff59a55daeded412666bd2/detection

It is obvious that this is a false positive for this program, isn't it?

[Milos]

Hello,
using the same certificate for signing both clean and PUP/adware apps makes mess in classification and the certificate cannot be trusted. Solution for an author of the app is to obtain new certificate and use it only for clean apps and/or get certification from AppEsteem.

Milos

[REDACTED]

Hello.

As a user, I see that Avast gives a false positive alarm to a completely clean file. Why does he do, it make me care less. If Avast is positioning itself as a good antivirus, it should try to fix it. Such situations harm the reputation of any antivirus software. Do you agree with me?

[Milos]

Hello,
from the provided information it is not "completely clean file".

Milos

[REDACTED]

Of course, because Avast\AVG alarms to this file, so the file is not "completely clean file":
https://www.virustotal.com/#/file/cff8981c1c60e43b48b94c857d6a2f15e5ac13ca45ff59a55daeded412666bd2/detection

Bravo!

[polonus]

@krisdima,

You base your view probably on this report a Belize based firm Comodo certification for unnamed Russian owner(s):
https://www.reasoncoresecurity.com/signer-sorentio-systems-ltd-00ee7a82a1605277bf31c11500157b4d6b.aspx

Controversy and questionable web reputation also as adware-"somoto" forced installation>  http://www.urlvoid.com/scan/soft4boost.com/
No verifiable data http://news.softodrom.ru/ap/b21639.sh

polonus (volunteer website security analyst and website error-hunter)

[REDACTED]

Thank you for your information - it makes you wonder about the Soft4Boost as a company. Bur I have a positive experience with the use of programs from Soft4Boost and Avast Free both. The programs of Soft4Boost have more value for me, cause I buy the purchase for these programs but as for avast, i use the free version - this is natural from the point of view of psychology.

Anyway, I remain in my opinion - to my mind this is a false positive alarm:
https://www.virustotal.com/#/file/cff8981c1c60e43b48b94c857d6a2f15e5ac13ca45ff59a55daeded412666bd2/detection

[Pondus]

Well I would not call bad reputation a false positive   

[bob3160]

Well I would not call bad reputation a false positive   

A crook can also be a nice person or good product. That doesn't change the fact, he/she/it is still a crook.