False Positive

I have just installed Avast Mobile on my phone (Huawei 8150, Android 2.2 stock, rooted), and the first virus scan is showing z4root as a “Problem”.

I am not aware that this Ap is a problem, so have reported it as a false positive.

In the meantime, how do I get rid of the “Problem” notification?

Thanks

Hi,

if it is a PUP detection, you can turn those off in the application Settings.

Filip

Thanks for your response.

It is PUP, but if I turn that off, does it mean the AV will be less effective for future scans?

Well, it won’t detect PUP anymore. :wink:

Exactly. PUP = Potentially Unwanted Program (which z4root is if you are not the one that put it there), if you know that you want it, disable the PUP detections. It won’t detect any PUPs in the future.

Filip

It still detect my PUP…

Which one?

Filip

Droidsheep

Is it detected as a PUP? Does turning off PUP detections turns off the detection?

Filip

Yes it’s detected as a PUP.
Turning off LPI does not help :frowning:

That’s weird then, there was an error in the checkbox that it should have been fixed in AMS 2 release. Can you post the exact detection?

Filip

Yes : Android.DroidSheep-D [PUP]

I have the same problem with another PUP : zAnti
Detection : Android:HackTool-A [PUP]

with LPI activated or not.

By the way, some other PUP are not detected at all :

  • Wifikill
  • Fing
  • Network Spoofer
  • Routerpwn

I tried on SGSII with Droidsheep and it does not showing any PUP warning. Can you please specify the application?

Do you want me to send you the APK ?

For zAnti it’s there : http://www.zimperium.com/anti.apk

Anyway, as they are detected as PUP, shouldn’t the ignore LPI functionnality, really ignore ANY Pup ?

Just looked at it and there is a bug in the PUP settings. Should be fixed in the next version.

Filip

Thanks !

I have a Droid x2 rooted with Cyanogen using avast free edition. Yesterday it flagged my app “badoo” as having malware when I downloaded that weeks ago from the official Google Play Market. It says that it has the “basebridge-z[trj]” malware. I’m thinking this is a false-positive. Any way of finding out?

Hi, yes it was a false positive and it’s been fixed in the last vps

Hi,

zAnti and it’s detection will stay as a PUP. From those you mentioned all but Fing will be added as PUPs.

Filip