Sign in to follow this  
Followers 0
DoctorX

AVG workaround?

17 posts in this topic

I just released my program, and already I am getting complaints that AVG is considering it to be a Trojan. I know about the problems AVG has with AutoIT programs, but I noticed that when I scan the program on my computer AVG does not find any viruses. Is this because it was compiled on my system?

If that is the case, would it work if I released the uncompiled script along with Aut2EXE and let the end user compile it themselves? Will this allow the program to run on their computer without AVG shutting it down?

And if so, can I only release the Aut2EXE utility to them, or are there additional support files it will need? Will I also need to include the GUIconstants.au3 file? Can Aut2EXE even run as a stand-alone or will they need to install the full AutoIT version?

If the above procedure will not work, are there any other ways around the AVG issue? I recommended to one user to try temporarily disabling AVG, but he still had a problem.


-DRX

Share this post


Link to post
Share on other sites



bump? Thanks.


-DRX

Share this post


Link to post
Share on other sites

If that is the case, would it work if I released the uncompiled script along with Aut2EXE and let the end user compile it themselves? Will this allow the program to run on their computer without AVG shutting it down?

Not likely. Theoretically, they would compile the same EXE.

And if so, can I only release the Aut2EXE utility to them, or are there additional support files it will need? Will I also need to include the GUIconstants.au3 file? Can Aut2EXE even run as a stand-alone or will they need to install the full AutoIT version?

Aut2EXE depends on two files: upx.exe and AutoItSC.bin.

They need to be in the same folder at runtime.

If your script includes GUIConstants, then you'll have to send that as well. Make sure that you include it using a relative path...

#include "GUIConstants.au3"
instead of
#include <GUIConstants.au3>
(Assume that they don't have AutoIt installed.)

If the above procedure will not work, are there any other ways around the AVG issue? I recommended to one user to try temporarily disabling AVG, but he still had a problem.

What problem? Was it a different AV/Anti-spyware app?

Also, it goes without saying that you should update your defs and virus scan your whole system.

You might be infected, and passing that infection along through your EXE.

bump? Thanks.

Bumping on the same day? really? ;)

[font="Tahoma"]"Tougher than the toughies and smarter than the smarties"[/font]

Share this post


Link to post
Share on other sites

Bumping on the same day? really? ;)

Hehe. Yeah, sorry about that, I'm kinda in panick mode since I spent two months writing this script and so far everyone who has downloaded it uses AVG and they can't run it.

Thanx for the info about Aut2EXE. I'm going to try sending the package to a friend with the script to see if compiling the script on his system will not cause AVG to consider it a virus.

In the meantime, if anyone has any other advice I'm all ears.


-DRX

Share this post


Link to post
Share on other sites

No offense intended. I understand panic mode. (I work for General Electric) ;)

There may be a particular byte pattern flagged by AVG that is coincidentally being inserted.

You could try compiling with different compression levels...

You also mentioned that temporarily disabling AVG didn't help...

This leads me to believe that either it's not being stopped properly, or something else is conflicting.

btw- which virus is it being detected as?


[font="Tahoma"]"Tougher than the toughies and smarter than the smarties"[/font]

Share this post


Link to post
Share on other sites

Hehe. Yeah, sorry about that, I'm kinda in panick mode since I spent two months writing this script and so far everyone who has downloaded it uses AVG and they can't run it.

Thanx for the info about Aut2EXE. I'm going to try sending the package to a friend with the script to see if compiling the script on his system will not cause AVG to consider it a virus.

In the meantime, if anyone has any other advice I'm all ears.

It should do the same on your friend computer.

why not to use the beta which is usually not flag by AVG? ;)

Share this post


Link to post
Share on other sites

I just ran a full scan on my system and sure enough, AVG picked it up as a Trojan: Clicker. Bummer.

Just downloaded 3.1.1.83 and will give that a try.


-DRX

Share this post


Link to post
Share on other sites

I have the same problem here.

Avg detect this when i compile a script : Trojan horse Clicker.UH

The question is.. This is from Avg or the soft infect the computer...

Share this post


Link to post
Share on other sites

Same problem here, started yesterday, possibly after AVG updated its virus defs. Trojan identified. I deleted the allegedly infected file, recompiled, then AVG real time protection prevented the file from being generated.

New compiles of other scripts resulted in the same mess... Any idea ? Thanks

Share this post


Link to post
Share on other sites

Same problem here, started yesterday, possibly after AVG updated its virus defs. Trojan identified. I deleted the allegedly infected file, recompiled, then AVG real time protection prevented the file from being generated.

New compiles of other scripts resulted in the same mess... Any idea ? Thanks

try the beta, it is very stable ;)

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

It is annoying isn't it? Be sure to report your false positive to AVG for them to update and release a new signature pattern that does not recognise your code as infected. Make sure your friends also update their AVG when the new pattern is releaed, and then re-release your code.

Edited by Confuzzled

Share this post


Link to post
Share on other sites

I had the same error, but when i compiled my download manager, i added an icon and used reshacker to change the fileinformation and AVG didn't detect it. It did detect it when i didnt change the icon & info...

Maybe that helps u

tdlrali (Felix N.)

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

I have several computers with both AVG and Autoit3 and get no complains durring a virus scan or when I install new autoit3 updates, run au3 programs - I don't know what's the problem but it could be a trojan horse that attached to your program - these are somethimes very hard to catch but use hijack to get an image of links in your initreq base maybe that would tell you something...

Both AVG and autoit3 get constant updated...

kjactive ;)

Edited by kjactive

Share this post


Link to post
Share on other sites

kjactive, perhaps you don't have the release version of AutoIt installed on your computer/s?

I use AVG Free Edition and never receive false virus alerts whenever others on the forum do, but I only have the beta version installed (which may be why).

Share this post


Link to post
Share on other sites

I have tried with the beta and it's working... No virus^^

The things happened when i compile the code... Before that, i have no virus on my computer.

Share this post


Link to post
Share on other sites

I recompiled my script with the beta version and that seems to do the trick. Thanks for the help!


-DRX

Share this post


Link to post
Share on other sites

#17 ·  Posted (edited)

I can confirm that updating to todays (Okt 14) virus definitions solves the problem! ;)

BTW: simply including an icon also did the job!

Edited by borisC

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0