The company I work for releases a product that uses 7za.exe during archive. Several of our customers have reported issues with Avast as it keeps finding 7za.exe to be a virus.
We have a slightly modified version of 7za.exe which changes the way the progress is reported so it interacts with our software differently.
Is there a way to register our version so that it is not being flagged as a virus?
Best regards,
Rick C. Hodgin
what does avast say… what malware name is given?
upload and test the file at www.virustotal.com if tested before, click new scan
post link to scan result here
You can report it using one of these options…you may add a link to this topic in case they reply here
You can upload files and report issues to avast here : http://www.avast.com/contact-form.php (select subject according to Your case)
You can use mail
send to virus@avast.com in a password protected zip file
mail subject: False Positive / undetected sample (select subject according to your case)
zip password: infected
or you can send files from avast chest
how to use the chest. http://www.avast.com/faq.php?article=AVKB21
I’m told by our support department that it’s the result of a new update that was sent out last night. Here is what our support sent out: “The error is return code 1, 2 unable to verify file.”
Here are the results from virustotal.com:
https://www.virustotal.com/nb/file/0fc74bc8e6034ed4fa435782931bccda18d4b50c06b715da2dc342c462868d55/analysis/
SHA256: 0fc74bc8e6034ed4fa435782931bccda18d4b50c06b715da2dc342c462868d55
File name: 7za_kd.exe
Detection ratio: 0 / 54
Analysis date: 2014-07-03 13:18:23 UTC ( 1 minute ago )
I uploaded the file and reported the false positive to Avast using this link. Thank you. 
Here’s the text I wrote:
"The error is return code 1, 2 unable to verify file.We have a slightly altered version of 7za.exe, which is from 7-Zip 9.20’s source code. It changes the way it displays data during processing so it integrates better with our application.
A recent update is now flagging this software as a virus causing our customers issues, and our support staff extra work.
We’d like to know how to register this file with Avast, or if you can send out an update to correct the issue. Thank you."
as i said… post link, we then get lots of extra info. 
seems new
First submission 2014-07-03 13:18:23 UTC ( 6 minutter siden )
CopyrightCopyright (c) 1999-2010 Igor Pavlov Publisher Igor Pavlov Product 7-Zip Original name 7za.exe Internal name 7za File version 9.20 Description 7-Zip Standalone Console
avast is usually quick to fix it
guessing it was detected as Win32:Evo-gen [susp] = suspicious
this is a on access detection only and will not show on a VT scan
Yeah… Missed that. Sorry. ;D 
:o
I have not heard back from Avast yet on the 7za_kd.exe file I sent them. Any thoughts on what I can do next?
Hello
Reporting for virus analyst / vírus lab
Hi, the file was voted clean by me 3rd July 15:46 CEST, so all detections (and there were indeed evogens detecting this file) were disabled shortly after that.
Do you still have issues with the file being detected?
Please note that WE DO NOT REPLY to reports submitted via http://www.avast.com/contact-form.php. There are so many requests that we are happy just to process it:-).
I contacted Karel Divis from Avast. I sent her a copy of the application installer we’re using and she said it was not flagged. We have not had any additional calls, but our users use the software every day and our initial solution was to turn Avast off in that directory, so it’s unlikely we would’ve had any additional calls anyway.
Is it possible that only those with Avast Professional would’ve had this occur, because that’s what our help desk is telling me, that only those who had Avast Professional were calling in. It could also be that all of our users who have Avast simply have Avast Professional (as our customers are nearly all government entities).
Thank you for your assistance. It was interesting to us that this file had been in use for a year or so, and was flagged all of a sudden after an Avast update.
Is it possible that only those with Avast Professional would've had this occur,to my knowledge all avast versions Free / PRO / AIS have same scan engine/signatures