My anti-virus software reported that executable
file protected with PC Guard for .NET/Win32 is infected with 'Unknown virus'. Is
this to be taken seriously?
Simple answer is: It is just a fake alarm.
The more complex one is:
Application is encrypted (and this means modified) after protection. Any
heuristic engine could possibly generate alarm because of this. Even if all
encryption options are turned off application will still be modified after
protection.
Most AV software will recognize that application is encrypted and will not
generate false alarms. Some AV software could mark protected application as
'packed', 'armored' or 'encrypted' (this does not mean that any specific virus
is detected in protected application).
These are general recommendations:
- Submit application which generates false positive to AV provider so they can
fix the problem.
- Consider signing your applications.
- Be sure to have the latest version of our protection software.
- End users should update to the latest version of their AV scanning engine.
- For some applications the following options could affect virus alerts:
a) Turning ON compatibility flags.
b) Turning OFF "Hide executable objects names" option.
Protected application startup is slow when
my AV software does online application monitoring? my AV software does online application monitoring?
Anti virus software could intercept application loading in order to be able to "trace"
application code. Application protected with PC Guard for .NET/Win32 contains many
decryption and self-modifying routines. Tracing through such code could make decryption
process slow in some cases. AV software should be able to recognize protected files
and skip decryption parts. Standard virus scanning has no effect on protected applications.
If required, turn off online application monitoring in your AV software.
My application is 25MB in size and loading
time of protected application is longer than loading time of non-protected (original)
version?
Some time is required for decryption process once the file is loaded into memory.
Decryption time depends on program size and CPU strength. It's also longer if you
protect the same file more then once.
When I create an application set-up, I get
a message "No dependency information for file: PCGW32.DLL". Is there a
dependency file, or shall I simply ignore the message?
Don't worry about it. Just ignore the message.
Your program does not make any direct calls to PCGW32.DLL (there is no IMPORT information
about this DLL) and you are just warned that this DLL is not used by your program.
Just forget about it because this dll is called directly from the PC Guard's protection
layer which is implemented into your protected application.
|
