Sign in to follow this  
Followers 0
blitzer99

Problem with AVG Anti-Virus and AutoIt

20 posts in this topic

I have a problem with the latest release of AVG Professional (version 7.1.371 released 14 Dec 05). It appears to report every AutoIt generated exe as a virus. It disables these executables, whether or not you want them disabled, and otherwise makes it practically impossible to develop AutoIt applications.

I have reported the problem to the AVG developers - hopefully they will fix this problem promptly. Does anyone else have this problem?


Computers don't solve problems, they just rearrange them.New string TRIM() functions for AutoIt3

Share this post


Link to post
Share on other sites



I have a problem with the latest release of AVG Professional (version 7.1.371 released 14 Dec 05). It appears to report every AutoIt generated exe as a virus. It disables these executables, whether or not you want them disabled, and otherwise makes it practically impossible to develop AutoIt applications.

I have reported the problem to the AVG developers - hopefully they will fix this problem promptly. Does anyone else have this problem?

just for laughs, do a search of this forum for "virus scanner"

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

just for laughs, do a search of this forum for "virus scanner"

?? OK, so I appear to have two choices - stop using virus protection or stop using AutoIt. :P

Computers don't solve problems, they just rearrange them.New string TRIM() functions for AutoIt3

Share this post


Link to post
Share on other sites

?? OK, so I appear to have two choices - stop using virus protection or stop using AutoIt. :P

or plan C, use good antivirus software that doesn't blindly flag all executables packaged with UPX, or that allows you to decide how to treat issues that it identifies instead of just deleting the files.

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

or plan C, use good antivirus software that doesn't blindly flag all executables packaged with UPX, or that allows you to decide how to treat issues that it identifies instead of just deleting the files.

omg i was gonna say that. but since you sayd it im gonna propose something else.

dont pack your exectuables with upx. (place a dummy executable over your upx.exe)


My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll

Share this post


Link to post
Share on other sites

or plan C, use good antivirus software that doesn't blindly flag all executables packaged with UPX, or that allows you to decide how to treat issues that it identifies instead of just deleting the files.

I'm afraid to say AVG AV has a more sophisticated approach even than what you suggest. It gave me the option of deleting, ignoring or moving the exe file to its virus vault. I chose the ignore option. So what does it do? It does something to the exe file to make it completely unusable! It is not done via attribute settings, something more cunning. If I try and run the exe file Windows says that I don't have rights to run it any more (hey, I'm admin).

But wait, there's more. Even as I write this there is an automatic AVG update applied that seems to change things again. I can actually run some of my AutoIt executables now. But the other ones it has already found appear to be history. Time to roll out the backup.


Computers don't solve problems, they just rearrange them.New string TRIM() functions for AutoIt3

Share this post


Link to post
Share on other sites

omg i was gonna say that. but since you sayd it im gonna propose something else.

dont pack your exectuables with upx. (place a dummy executable over your upx.exe)

Sorry, I won't even pretend I know what you're talking about.

Computers don't solve problems, they just rearrange them.New string TRIM() functions for AutoIt3

Share this post


Link to post
Share on other sites

I'm afraid to say AVG AV has a more sophisticated approach even than what you suggest. It gave me the option of deleting, ignoring or moving the exe file to its virus vault. I chose the ignore option. So what does it do? It does something to the exe file to make it completely unusable! It is not done via attribute settings, something more cunning. If I try and run the exe file Windows says that I don't have rights to run it any more (hey, I'm admin).

But wait, there's more. Even as I write this there is an automatic AVG update applied that seems to change things again. I can actually run some of my AutoIt executables now. But the other ones it has already found appear to be history. Time to roll out the backup.

i'm sorry if i over simplified the explanation of why your AV sucks. Please refer to plan C


1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz

Share this post


Link to post
Share on other sites

omg i was gonna say that. but since you sayd it im gonna propose something else.

dont pack your exectuables with upx. (place a dummy executable over your upx.exe)

Sorry, I won't even pretend I know what you're talking about.

Rename your UPX.exe to UPX_2.exe or something, then make a replacement for UPX.exe Named UPX.exe using notepad or something. I think that's where he's heading with that... I know he's done some hacking around in that area, so he's probably much more versed in it than I am.


[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

Sorry, I won't even pretend I know what you're talking about.

It's on the helpfile:

UPX.exe The UPX compressor (shinks the size of exe files).

By default a lot of 'lame' virus scanners tag anything UPX-compressed as a virus.

Not so sophisticated, don't you think?

My point of view: Use a traditional, with a high user base, virus scanner. Those new 'super-dooper' cheap, fast, fancy programs may be better in some cases but they lack of something very important: the experience.

Don't push your luck with them. Leave them aside for 4-5 years and come again to see what happened with their evolution. :P

Share this post


Link to post
Share on other sites

What version of AutoIt are you using?

IIRC correctly, most of the virus scanning issues AutoIt has had was with scripts compiled pre-3.1.1 public (3.1.0.* line)


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

Latest beta, .97 and having no virus-related problems here. :P

Share this post


Link to post
Share on other sites

It's on the helpfile:

By default a lot of 'lame' virus scanners tag anything UPX-compressed as a virus.

Not so sophisticated, don't you think?

My point of view: Use a traditional, with a high user base, virus scanner. Those new 'super-dooper' cheap, fast, fancy programs may be better in some cases but they lack of something very important: the experience.

Don't push your luck with them. Leave them aside for 4-5 years and come again to see what happened with their evolution. :P

Yes, agree. My one scores a big "Duh" in this case. Maybe it's time to change. I have had a good run with AVG up to now. Tried others and they have come up well short too when the going gets tough and compatibility problems appear. Past experience with Symantec falls into this category. I'm considering NOD. Other recommendations?

Computers don't solve problems, they just rearrange them.New string TRIM() functions for AutoIt3

Share this post


Link to post
Share on other sites

I highly recommend Avast!. Avast! is very AutoIt friendly. No Compiled AutoIt executable incidents yet, touch wood. Detection of evil stuff is very good also. False-positives are still at 0 to record from myself. I been using it for approx. 18 months. :P

Share this post


Link to post
Share on other sites

I highly recommend Avast!. Avast! is very AutoIt friendly. No Compiled AutoIt executable incidents yet, touch wood. Detection of evil stuff is very good also. False-positives are still at 0 to record from myself. I been using it for approx. 18 months. :P

I was going to say the exact same thing. I have hated AV for years. I tried AntiVir, but Avast! is so much better.

I havent had a problem with it or even noticed a slight sluggishness in my system like I do with AVG, Norton's, or McAffee.

I just wanted to post and re-affirm that this is exactly what I would recommend.

JS


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites

I have a problem with the latest release of AVG Professional (version 7.1.371 released 14 Dec 05). It appears to report every AutoIt generated exe as a virus. It disables these executables, whether or not you want them disabled, and otherwise makes it practically impossible to develop AutoIt applications.

I have reported the problem to the AVG developers - hopefully they will fix this problem promptly. Does anyone else have this problem?

Just tried the same AVG release as yours, no problem here. No problem with Bitdefender either.

Share this post


Link to post
Share on other sites

#17 ·  Posted (edited)

I chose the ignore option. So what does it do? It does something to the exe file to make it completely unusable! It is not done via attribute settings, something more cunning.

No, nothing cunning. AVG doesn't modify a file that you have instructed to 'ignore' -- it simply blocks access to it until it believes that it's safe to run. During this time Windows therefore can't run it and will show an error.

I don't understand why I appear to be the only one on these forums that has had no trouble with AVG Free Edition and AutoIt ever. (Well, Mikey has stated no problems with AVG Professional.)

Edit: Perhaps it's because I only actively use the beta and never compile any scripts? Shrug.

Edited by LxP

Share this post


Link to post
Share on other sites

i had one problem with AVG during the beta release about a month ago, but none now

thankfully

8)


NEWHeader1.png

Share this post


Link to post
Share on other sites

I have a problem with the latest release of AVG Professional (version 7.1.371 released 14 Dec 05). It appears to report every AutoIt generated exe as a virus. It disables these executables, whether or not you want them disabled, and otherwise makes it practically impossible to develop AutoIt applications.

I have reported the problem to the AVG developers - hopefully they will fix this problem promptly. Does anyone else have this problem?

It looks like the problem in AVG is now fixed. The latest update (7.1.371 with virus definitions database 267.14.1/204) now no longer flags AutoIt 3 exe files. I was also able to recover my quarantined files from the AVG virus vault.

Many thanks to everyone for their help. I will be taking a closer look at Avast.


Computers don't solve problems, they just rearrange them.New string TRIM() functions for AutoIt3

Share this post


Link to post
Share on other sites

..

I don't understand why I appear to be the only one on these forums that has had no trouble with AVG Free Edition and AutoIt ever. (Well, Mikey has stated no problems with AVG Professional.)

..

If it helps, I haven't had any problems with AVG either (Free Edition), and I've been using it for about 5 or 6 years. Maybe my updates simply have always skipped their slip-ups.

:P

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0