Android Question False positive virus

[Marcello Pietrelli]

I published my app "The Holy Rosary" on Google Play. Several users contacted me saying that the antivirus reported malware.

I immediately scanned the APK file with VirusTotal which didn't detect any viruses. What should I do? This is the third time I've received reports like this. Are there any libraries in B4A that give false positives?

The libraries I use:
Library1=accessibility
Library2=ahlocale
Library3=core
Library4=javaobject
Library5=okhttp
Library6=okhttputils2
Library7=phone
Library8=reflection
Library9=richstring
Library10=runtimepermissions
Library11=stringutils
Library12=webviewextras
Library13=webviewxtended
Library14=xui views

 

[techknight]

They should provide you with more details other than say "reported malware". Perhaps provide the detection results so you can replicate the problem. Otherwise you are shooting in the dark.

 

[JohnC]

1) Find out what antivirus app they are using to detect the virus

2) Make sure you can also get the antivirus app to report the problem with your app.

3) Contact that company to get the false alert removed for your app.

4) Using the antivirus app in #1 above, try to narrow down which lib is causing the problem by unloading it from the IDE and commenting out the code that uses it and rerunning the scanner.

 

[Erel]

Are you using your own private signing key?

 

[Marcello Pietrelli]

Good morning, thank you all for the suggestions! I found out that the antivirus reporting the false positive is Avast (installed by default on all Huawei devices).
I sent a report to the Avast team: they immediately removed my app from their virus database, but in the meantime a lot of users uninstalled the app and gave bad reviews.
From now on, before publishing the app, I will first send the APK of the app in the form "False positives" Avast.