Anti Virus and CA certificates

This is the forum for miscellaneous technical/programming questions.

Moderator: 2ffat

Anti Virus and CA certificates

Postby smd » Mon Nov 30, 2015 6:48 pm

I copied my compiled program over to another computer (windows 7 and Windows 10) to run some tests. That system has Avast anti virus on it. As soon as I tried to execute the program, Avast flagged it as a virus for not having a CA certificate.

Although I can add the program to the exclusion list, the problem is if I send the program to someone else and their AV software flags for the same reason. Interesting that windows defender does not flag it.

How do I get a CA for my program? Or, is there something I am supposed to set in the registry to show that the program is valid?

Have not tried running on MAC OSX yet, so I am wondering if this is also an issue on MAC's.

As a test, I installed Avast on the laptop I am using for writing the program. While compiling. The moment the linker finishes, Avast flags the program and moved the file to the chest.

Uninstalling Avast and turning Windows defender back on, everything works just fine.
-----------------------------
Scott
smd
BCBJ Guru
BCBJ Guru
 
Posts: 130
Joined: Sat Nov 29, 2014 8:02 pm
Location: Las Vegas

Re: Anti Virus and CA certificates

Postby rlebeau » Mon Nov 30, 2015 8:47 pm

Avast is a horrible Antivirus when it comes to Delphi/C++Builder executables. It really hates them, years and years of D/C users complaining about false positives, and Avast still can't seem to get it right. Of course, it does not help that a lot of viruses were written in VCL way back when, so sometimes the mere presence of the RTL/VCL in an executable is enough to set Avast off when it decides to detect known byte patterns from the RTL codebase.

In any case, maybe you are running into this:

AutoSandbox – why are you annoying me?

Your executable is not code-signed (Authenticode), so maybe Avast is simply finding suspicious patterns in your code and not taking any chances with it.

Best advice is to GET RID OF AVAST and use a more decent and reliable Antivirus.
Last edited by rlebeau on Tue Dec 01, 2015 3:58 pm, edited 1 time in total.
Remy Lebeau (TeamB)
Lebeau Software
User avatar
rlebeau
BCBJ Author
BCBJ Author
 
Posts: 1504
Joined: Wed Jun 01, 2005 3:21 am
Location: California, USA

Re: Anti Virus and CA certificates

Postby smd » Mon Nov 30, 2015 8:57 pm

Seems the simplest solution is to get my application signed. I have no idea how to do that. Some client may have Avast on their computer so I need to address this issue. Luckily it happened on one of my computers and not on a clients machine.

What is involved with getting my application signed?
-----------------------------
Scott
smd
BCBJ Guru
BCBJ Guru
 
Posts: 130
Joined: Sat Nov 29, 2014 8:02 pm
Location: Las Vegas

Re: Anti Virus and CA certificates

Postby Azazaz » Tue Dec 01, 2015 3:44 am

You may not have to get certified if the only problem is Avast.

You may benefit from contacting Avast. By letting them examine the exact application in question, they may be willing to code in an exception.

I don't know that Avast will do it. But I had a program once that triggered a similar alert in MalwareBytes and they promptly took care of it.

Just a thought.
Azazaz
BCBJ Guru
BCBJ Guru
 
Posts: 105
Joined: Wed Sep 26, 2012 9:08 am

Re: Anti Virus and CA certificates

Postby rlebeau » Tue Dec 01, 2015 4:10 pm

smd wrote:What is involved with getting my application signed?


You have to purchase a code signing certificate from a reputable source, like VeriSign, and then use a tool like Microsoft's SignCode.exe to sign the executable with your certificate.

Authenticode

Introduction to Code Signing

Signing and Checking Code with Authenticode

Unfortunately, Embarcadero IDEs have no functionality to code-sign Windows executables (only OSX/iOS executables, via xCode), so you have to do it manually.
Remy Lebeau (TeamB)
Lebeau Software
User avatar
rlebeau
BCBJ Author
BCBJ Author
 
Posts: 1504
Joined: Wed Jun 01, 2005 3:21 am
Location: California, USA

Re: Anti Virus and CA certificates

Postby johnc » Fri Dec 04, 2015 10:56 am

About 2 years ago I started receiving e-mails from customers & dealers complaining that Avast was suddenly flagging my product. I contacted Avast, explained the situation, and at their request sent the exe in question. They were very responsive & the issue was fixed within a few days.

I recommend contacting them.
johnc
 
Posts: 2
Joined: Thu Nov 12, 2015 12:25 pm


Return to Technical

Who is online

Users browsing this forum: Baidu [Spider], Bing [Bot] and 21 guests

cron