We have an installer that is signed using EV certification and Avast is scanning the installer because “CyberCapture” detects it as suspicious.
Since our installer is bigger than 50MB how can we join the whitelist program as mentioned here https://support.avast.com/en-ww/article/229/
We release it frequently and would like to whitelist it each time.
See the juju box alert:
htxps://vtbehaviour.commondatastorage.googleapis.com/c026e2942579e24babd927640cb3072a284670a020318e4431fb9f43e15f9a05_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1617048118&Signature=UiZ9HppiHn7Ly6wzVqNnDhf3NXoYNaq1uLS1AqfcygB5C1l0KTZK8MvMu1DwWzOXLZ7pbBG86%2FqI%0AuqfcpSLQgR0FHF4jUMGUfdIxoYLToHbv%2Bg6cuU4uD0AuZoQOvCcnTwCSLniwXH1S8pmHoDRlatK9%0Ah9n1LYupqjCaSKDCVu0%3D&response-content-type=text%2Fhtml; (I have made that link non-click for obvious reasons, but it does not take rocket technology to see what it reports)
Wait for an avast team member to comment and give a final verdict.
It is their definitions, so they are the ones to come up with an explanation,
and then are the only ones to come and unblock. Did you report there?
It is not a bad idea to report new signed future releases to avast team,
so eventual avast whitelisting and/or an eventual undesirable FP would cross-interfere.
Pre-armed is the best way to go.
Is there any way to report them outside the whitelisting program that limits the file size to 50MB?
Our installer exceeds that and there is no documentation on how to report those files. I mean there is with the FTP but the credentials are given with the first whitelisting program report.
We here are just volunteers with relative knowledge
(Little old me in the field of website security and script-error-hunting).
Avast Team will instruct you what to do in this case, contact them.