Author Topic: WowApp application considered dangerous after certificate update 2019  (Read 366 times)

0 Members and 1 Guest are viewing this topic.

Offline andrei.dica

  • Newbie
  • *
  • Posts: 15
Hello happy Avast community, it is that time of the year again!

https://forum.avast.com/index.php?topic=208639
https://forum.avast.com/index.php?topic=221843

I work for wowapp.com, we've developed a messenger called WowApp, which is normally whitelisted for Avast. We've had to update our code-signing certificate and now we are considered a threat. We've had the exact same issue the last 2 times we updated our certificate, as you can see above. Like before, we have not changed anything to break the Avast Clean Guidelines.

So, here i am again, asking you guys for help, hoping the issue can be fixed. The archive uploaded is called "WowApp_Setup.7z".

Image with the alert: https://ibb.co/PQgTsYV

To make things quicker:
@Asyn, yes i have followed the guidelines for whiltelisting and app cleanliness :D
@Milos, the file is digitally signed and uploaded to you FTP server, under username ftp_woowteamcom, filename WowApp_Setup.7z

Please let me know if i can help you with more information. Thank you.
« Last Edit: October 03, 2019, 05:57:21 PM by andrei.dica »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61053
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: WowApp application considered dangerous after certificate update 2019
« Reply #1 on: September 10, 2019, 12:12:58 PM »
Hi, I forwarded it to Avast Whitelisting Team.
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.62 - EEK - Firefox ESR 60.9 [NS/AOS/uBO] - TB 68.1.1 [EM] - ABS/ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline VítSU

  • Avast team
  • Newbie
  • *
  • Posts: 3
Re: WowApp application considered dangerous after certificate update 2019
« Reply #2 on: September 10, 2019, 01:27:51 PM »
Hello,

we checked your provided file and this app violate our clean guidelines by following:

- "Minimize on exit" without ability to disable in-app
- No notification about app staying in tray after closing
- Autorun active when app installed without ability to disable in-app (user is able to disable this  only AFTER signing in). This should be enabled after user log-in OR user should be able to disable this without logging in (access to settings)

Our resolution is PUP detection.

Best Regards,
Vít Suchánek 
Avast Whitelisting Team - AVAST Software s.r.o.
a: Přízova 7, 602 00 Brno-střed, Czech Republic
s: www.avast.com

Offline andrei.dica

  • Newbie
  • *
  • Posts: 15
Re: WowApp application considered dangerous after certificate update 2019
« Reply #3 on: September 10, 2019, 04:30:08 PM »
@Asyn, thank you very much, as always :D

@Vitsu

Ok, this is new. Can you please point me to the specific guidelines that cover what you mentioned ? I'm using https://support.avast.com/en-eu/article/Threat-Lab-clean-guideline. I'm asking because this is a first for me, hearing this from somebody from Avast (i need not mention that there has never been an issue with any other antivirus) and, as you saw, this is not the first time i've gone through this process.

We have always been cleared before, with mentions made that the problem was not on our side, and now we're somehow a PUP ? It makes no sense.

Returning to the points you mentioned:
1. You can find the option in Tools > Settings > General
2. Windows notifies you of this when you install it, that some programs remain in the taskbar. Neither Skype nor Viber do this and i get no alerts for them.
3. Skype on Win 7 doesn't do this either, yet no alerts for them.

Bottom line is, we can address all of your concerns if you decide they are truly a problem, what i need is the app to stop being considered a threat by your product, when we clearly are not.

Best Regards,


« Last Edit: September 12, 2019, 11:29:19 AM by andrei.dica »

Offline andrei.dica

  • Newbie
  • *
  • Posts: 15
Re: WowApp application considered dangerous after certificate update 2019
« Reply #4 on: October 07, 2019, 05:31:06 PM »
Hello again,

Since we last spoke, the builds i submitted were whitelisted (confirmed via email) without any problems and since there were no more replies, i thought this issue had been dealt with. Until now, at least, that was enough: whitelist one build, all others were clear from then on.

But now we find out that the all the new builds we make are now considered a threat by Avast, even though the whitelisted builds do not raise any alarms. This is a big problems for us, since users receive updates that they can't install.

I have, again, uploaded a new build for whitelisting, archive name "WowAppBeta_Setup.7z", pass "virus".

Can somebody please provide a clear answer as to what we need to do for this to end ? You can't expect us to have to submit and wait for whitelisting everytime we create a new build. Why does Avast have so many issues, while all other antiviruses consider us clean without any problems ? I was never able to get a clear answer to that question.

Thank you and i eagerly await your answer.
« Last Edit: October 11, 2019, 02:07:36 PM by andrei.dica »

Offline andrei.dica

  • Newbie
  • *
  • Posts: 15
Re: WowApp application considered dangerous after certificate update 2019
« Reply #5 on: October 11, 2019, 11:25:13 AM »
bump

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2621
  • Volunteer
Re: WowApp application considered dangerous after certificate update 2019
« Reply #6 on: October 11, 2019, 07:20:40 PM »
Funny, I could've sworn I had answered this as well as someone from Avast! (more recently).

PUP does not equate to a threat - that's a common misconception. PUP means Potentially Unwanted Program. (I agree it serves no purpose but confusing end users though. Most people see the associated red and think "bad" immediately.)

Comparing Skype to your product is a little bit of a long shot. Skype is a multi-Billion dollar product owned by Microsoft.

I will message Vitsu. Avast! is unlikely to remove PUP detection if you haven't address their concerns though.
*Volunteer*.
Tier I SOC Analyst; Threat Hunter; Digital Forensics (no cert); HTB Competitor; Pentester (no cert).

4th Year BCS Student @ The University of New Brunswick.