Windows app triggers AVG quarantine and threat alert for EvoGen


I built a simple timer app and the executable is flagged for EvoGen threat.

Xojo v 2022r1 compiled my app.

Is there some way to contact Avast/AVG about that false positive and have them tell their engine?

Some AV are sometimes themselves harmful to a computer :disappointed:.


They have a function to send the file in for analysis. I used that function, and am also concerned for every other app that I compile with Xojo. Not sure if the alert is related to how the compiled executable calls the usage of Libs and/or other resources.

That’s the procedure. I know that they had false positives for EvoGen for VB6 apps. So it may be something related to BASIC-like keywords in the binary exposed symbols + some coincidence of some signature.

https://support.avg.com/answers?id=9060N000000gSYnQAM


AVG used to drive me crazy with false positives. I’d submit the binary to be reviewed, the next signature database update would fix it, then a few months down the road the same app would be quarantined again for the same threat ID. This repeated ad nauseam.

I eventually switched to Avast, which has some annoying default notification settings that I had to customize, and don’t think I’ve had a single false positive since.


It’s not me that I’m concerned about; it’s the idea of customers downloading the app and mistakenly being brought to the belief that I am offering spyware or threatening software for download.

Yeah, you just have to keep resubmitting for review every time it happens. Nothing else you can do.


The wording of these messages is pure scaremongering.

Apple’s notarisation check is among the worst: (my bold)
‘XYZApp will damage your computer. You should move it to the Trash’

In most cases this is a blatant lie (they don’t know what it does), and it just means

‘XYZApp didn’t let us scan it before they gave it to you’


But the users don’t know that.


And users not knowing it is where developers’ problems would start, because not all users would take the time to let a developer know about flagging of their software.