Since a resent definition update, certain of our own communication has been flagged as malware, and is blocked.

Our company writes software for the engineering industry. We are a group of professional people (all civil engineers) that tries to give our clients (also professional civil engineers) a quality and reliable product with excellent support service. This is now becoming a task of impossibility if most of our support is tasked to resolve the clients’ problems with anti-virus issues.

We decided to implement a licensing system for our software, to protect our hard earned money and keep on developing and expanding the industry. Since most commercial licensing software are quite expensive, we decided to do this in-house.

Part of the licensing system is the on-line activation and deactivation of licenses, which requires that the users’ computers log a request to our on-line server. This is where the Avast warning pops up.

We have already adapted our system after having trouble with Kaspersky and AVG anti-virus products. We cannot keep on adapting our licensing system because of anti-virus programs blocking our system.

How do we stop this runaway train regarding our software licensing system from killing our company???

Hello, you can report it as a false positive here:
http://www.avast.com/contact-form.php?loadStyles

Hello,
you site is probably prokon.com, right? Can you send here the full URL address what we detect on your site please?
Jan

Thanks Shiw & Jan
We do appreciate this.

Jan, I’ll try to add a screenshot of the message, but it’s not so intuitive how this is done, seeing that I’m new to forums.

http://D:\Junk\Untitled.png

Having captured the alert image and saved it to a .gif, .jpg or .png file format, use the Additional Options option in the Reply window to attach the image to the post.

Hi!

Could you tell us your website’s address, so we could check whether it is infected or not?

Mmmmm

Didn’t seem to work.

In essence the message is:
Malicious URL blocked
Object: http://http://linux.prokon.com/php/key_status.php?key_no=…&hash=… (This part is private for client access to their licensing)
Infection: URL:Mal
Process: C:.…\Chrome.exe

Otto

Thanks DavidR

Here, lets try this again…

URLVoid says it’s SUSPICIOUS, only MALC0DE says it’s infected: http://malc0de.com/database/index.php?search=prokon.com

IPVoid says it’s SUSPICIOUS: 2/26:
http://www.ipvoid.com/scan/67.228.244.245

http://www.mywot.com/en/scorecard/67.228.244.245

Sucuri says it’s CLEAN

You’re welcome,

Hopefully that and the previous URL will help Sirmer investigate.

Hello,
reason why we block this site is: linux.prokon.com/exe/key_55862.exe.
Here you can see google results for this site:
http://goo.gl/SoRkh

Results for file:
http://www.virustotal.com/file-scan/report.html?id=136ab26878e3fb9226c1789262878dea5a808476385552d1a22b43c65175808e-1318244560

Hello,
we change our detection to not block whole domain linux.prokon.com so your issue should be solved with next VPS update.
Jan

Hello Jan
Thank you for your quick response.
I have just received a new update for my Avast (Internet Security), but I still get the messages and communication is still blocked?
Regards
Otto

There has been a VPS update this morning, version 111011-0 and I don’t get an alert on http://linux.prokon.com. That URL redirects to http://support.prokon.com/helpdesk/ if that is what is meant to happen.

Hello David
Another update came through, version 111011-0 as mentioned, and now it works.
Yes, linux.prokon.com is not supposed to be accessed directly, and rightfully redirects to our support page. The activation and deactivation accesses a PHP page on linux.prokon.com with client attributes.
Thank you all at Avast for excellent support service.

Thank you for choosing avast
Now, spread the word