Virus in Xpresspads program

0
0

I purchased express pads last night.

Its the PC version.

The Windows 10 (update right upto last night) is throwing an error. See attached file. The virus was also reported by Avast Anti virus (evo.gen or something similar)

Any pointers?

Attachments:
Marked as spam
Posted by
Asked on July 15, 2017 2:22 am
387 views
0
Private answer

Screenshot from the Avast antivirus is also attached here.

Attachments:
Marked as spam
Posted by
Answered on July 15, 2017 2:34 am
0
Private answer

Hi Cpzder Wurkz,

Many thanks for your purchase!

A few antivirus applications are over-reactive on the XpressPads eCourse. Please see the attached screenshot.

That being said, please consider the following:

A year or two ago I tried to install “Max for Live” which I downloaded from the Ableton website. My anti-virus software gave an alert and quarantined the file. I googled why this happened and found out that sometimes anti-virus software incorrectly identifies malware because regular software includes some “traces” or bits of code that resemble those of malware… and then report a “false positive” that they won’t let go of. That was the case with my Max for Live installation, a program that is very likely installed on 1,000,000+ PCs around the globe… I’m sure this is what happened with my eCourse in your case as well. This thread explains the problem very well: https://cycling74.com/forums/virus-in-max7-install

The reason why I believe that this “false positive” detection is the case here as well relates to the following observations:

(1) On virustotal.com only 7 out of 59 providers flagged the file as suspicious. However, non of the big players (Kaspersky, Avira, BitDefender, McAfee, Symantec, Microsoft) recognize it as malware. I don’t believe that’s because those are the worse AV programs, actually I believe the opposite. Those AV programs probably have the more sophisticated algorithms to distinguish malware from regular software.

(2) I double-checked with our reseller FastSpring a couple of months ago when another user reported an AV false positive alert to me. FastSpring checked the file as well and confirmed back to me that they cannot see anything wrong with it.

I won’t urge you to use the program, but I am sure it’s virus-free. Otherwise I wouldn’t sell it. However, if you don’t feel save using it I fully understand and will reimburse your money.

Best regards

Andreas

Attachments:
Marked as spam
Posted by
Answered on July 15, 2017 9:22 am
0
Private answer

Also, as I just see that you’ve attached a second screenshot… in brackets your AV software says [susp] which stands for “suspicion”. “gen” in the found subject stands for “generic”. Seems like this pretty much fits into what I explained above.

Marked as spam
Posted by
Answered on July 15, 2017 9:25 am
0
Private answer

That would be such a shame. After a long time pondering and a couple of abandoned carts, I had finally purchased your course.

I was raring to go over the weekend banging away on those pads.

I also did a little searching and it does look like a false positive. Problem is in the way Windows 10/avast is behaving, it is just removing the file without any option. I wonder if you would have any workaround for this.

Also I wonder how much will it cost you to take care of the offending code in your course.

Marked as spam
Posted by
Answered on July 15, 2017 10:56 am
1
Private answer

Hey Andreas,

I somehow managed to run your software in Avast Sandbox. But the ecourse needs to reboot. And then it would be as good as not activated. I did it twice. The course just wouldn’t run.

Then I decided to bite the bullet and shutdown the antivirus completely, now your ecourse says – ‘You have exceeded maximum number of activations’??? It’s on the same maschine! Help please.

Marked as spam
Posted by
Answered on July 15, 2017 2:25 pm
0
Private answer

I was just answering when your new message came in… So what you read below answers your first question.
+++
I’m sorry to read that you experience these obstacles. I know that AV software is hard to handle when it thinks it found malware, so in this case the best way is probably to check their routines of taking programs off the black list.

To answer your question what it will cost to take care of the offending code… a lot! Really. This would mean re-writing the software, or changing the software provider that eventually turns the eCourse into an executable file that can be protected… The latter alone is a hell of a process. At the end this won’t guarantee that certain AV programs will let it get through without moaning.

As it happens just rarely that the eCourse is blocked by AV software (which I understand is nothing that helps you in your current situation – I apologize), I’d rather like to explain what the issue is and offer a refund than going the path of inpredictable time and cost efforts in order to at the end maybe facing the same issues.

I’m really sorry to see you struggle with the AV program, but all I can offer you is to refund your money or convice you that you can white-list the eCourse.

Marked as spam
Posted by
Answered on July 15, 2017 2:31 pm
0
Private answer

Don’t know if the Sandbox causes this activation error. I’ve just reset your activations. Please try again and let me know if it works. Thanks.

Marked as spam
Posted by
Answered on July 15, 2017 2:34 pm
0
Private answer

Thanks for getting back quickly. It seems to have worked. BTW, the digital signatures in the exe file are not validating. Just a heads up.

Marked as spam
Posted by
Answered on July 15, 2017 2:46 pm
0
Private answer

You’re welcome. And thanks for the heads-up. It’s strange though as I bought the digital signatures to be valid for 5 years, which means that they should be valid for the next 2 years. Maybe this also has to do with the sandbox. Don’t know, but I will check. Thanks again! Andreas

Marked as spam
Posted by
Answered on July 15, 2017 2:55 pm
0
Private answer

Just checked the digital signature and attached it as a screenshot. It’s valid until November 2019. So it probably really relates to the Sandbox specialities. Cheers, Andreas

Marked as spam
Posted by
Answered on July 15, 2017 3:02 pm
[wp_ad_camp_1]