Dear Avast Support Team,

We are the developers of a Windows application written in Go (Golang), and we have encountered an issue where our executable is being quarantined or flagged as a threat by Avast Antivirus.

Issue summary with four test cases:

1. A Golang Windows application using the SQLite database with the package “modern.org/sqlite” – when built, Avast does not quarantine it.

2. The executable from step 1, protected using the PC Guard protection tool – Avast does not quarantine it.

3. A Golang Windows application using the SQLite database with the package “github.com/mutecomm/go-sqlcipher/v4” – when built, Avast does not quarantine it.

4. The executable from step 3, protected using the PC Guard protection tool – Avast does quarantine it.

I have attached my sample application(golangsqldb.exe) built using the sqlcipher package “github.com/mutecomm/go-sqlcipher/v4” and protected with the PC Guard protection tool. The protected executable is being quarantined by Avast.

Additionally, my application uses the sqlcipher package. Why does Avast quarantine the executable when it is protected by the PC Guard protection tool?

Please note that this application is safe and does not contain any malicious code. We believe this detection is a false positive.

To assist with your analysis, we are attaching the executable file for your review and consideration for whitelisting.

Product Name: GolangApp-TestBuild
Executable File: golangsqldb.exe
Development Language: Go (Golang)
Build Toolchain: Go 1.23.6

First, I’m an Avast user and not an Avast Team member.

Possible False Positive - New location to report both a False Positive and or a False Negative (for File or URL) - Choose Your Sample Submission Type | Avast - You won’t get a direct response but it should be analysed within 48 hours, if found to be false it will be removed.

That said some time ago there used to be a means for developers to get whitelisted or submit programs, but find any information on that.