ClamAV Classifies 1Password (current and previous versions) as Win.Adware.Eorezo-528

ceasley

I assume this is a false positive (downloaded directly from this website), so I went ahead and submitted a false positive report to ClamAV. I have run multiple scans with multiple products, and none of them detected an infection, so I'm confident this is safe.

It seems like 1Password keeps ending up in this situation (reading through past topics). Is there something we could do to help prevent this false classification?

---

1Password Version: 4.6.0.598
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: Dropbox

LauraR

Hi @ceasley - I'm sorry you received this false positive. Thank you for reporting it, this is very helpful for our developers.

LauraR

Hi @ceasley - I just wanted to follow up and let you know that our developers have also sent a report to ClamAV now and really appreciate you letting us know about this.

MikeT

Hi @ceasley,

The only thing you can do to help is to file it as a false positive.

The reason 1Password tends to get more false positive is because of our integration with your system and our encryption libraries, they look a lot like a malware, especially ransomware with their encryption libraries.

There are some ideas we're working with certain AVs to reduce the false positive detection rate. This may take some time to implement but you should see it decrease over time.