Author Topic: Why does Avast Antivirus on Android regard my app as suspicious?  (Read 2626 times)

0 Members and 1 Guest are viewing this topic.

Offline henr

  • Newbie
  • *
  • Posts: 1
Hi!

I have developed an app using Python-for-Android.

I don't think it contains anything suspicious, and on Virustotal.com - https://www.virustotal.com/gui/file/943d5c2ec4f300a5621b428806281b7db9f1a3bade882cabd037e27897dd2a96?nocache=1 - all 49 security packages - even Avast - say that it is harmless. But when I install it on my MOTO G5 Android 8.1.0 phone I get a warning from Avast saying the following. Translated from Danish:

" Suspicious app detected!

Geo-ESP Training has been reported as a suspicious app. Detection-ID: f2a0ea355cad "

How can I (and other users of my app) get rid of that warning?

Thank you.

EDIT:
I have sent the APK-file to the False Positive Reporting page mentioned in the reply below.
« Last Edit: October 06, 2023, 11:30:47 AM by henr »

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89443
  • No support PMs thanks
Re: Why does Avast Antivirus on Android regard my app as suspicious?
« Reply #1 on: October 05, 2023, 11:25:41 PM »
Send it here - Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php.
You should get a response in a day or two.

I would advise you remove the link from your post as the above goes link goes directly to the Avast Virus Labs Team.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37644
  • F-Secure user

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89443
  • No support PMs thanks
Re: Why does Avast Antivirus on Android regard my app as suspicious?
« Reply #3 on: October 06, 2023, 11:23:00 PM »
Now detected by TrendMicro

https://www.virustotal.com/gui/file/943d5c2ec4f300a5621b428806281b7db9f1a3bade882cabd037e27897dd2a96?nocache=1

I'm not entirely sure how an on-demand scan (which is the primary check) can be effective in scanning an .apk. 
This would effectively have to be installed on a mobile phone and it actions monitored and why I suggested sending the .apk to Avast and the labs team to do that.

The Behaviour check in VT is still apparently running, but that does raise a point - Crowdsourced IDS rules
« Last Edit: October 06, 2023, 11:25:44 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security