Yes. We did a release on Dec 19th (nb181). Every release that brings new functionality to the platform inevitably makes the apps bigger as every app has some new code that it didn't have prior to the release. That doesn't imply that there is a virus.
I just built an app and uploaded it to Virus Total and it didn't trigger for Avast or Avast Mobile. It's possible that they've already updated their heuristic database to account for the false reports. Unfortunately, without seeing the contents of the app it's unclear what the cause could be that's triggering Avast. Different components include different libraries. If you also use extensions, those could potentially be adding code that triggers the warning. Make sure your Avast definitions are up to date and then try building a simple app with App Inventor, compile it, and install. Does this still result in the dialog today (1/1/2020)?
Please excuse me if I disagree. I am not sure whether virustotal.com is a reference for the existence of a virus or not. It is just a kind of search engine, which in turn taps into anti-virus websites.
My apk is also recognized as not infected there, although the pre-installed Avast from my phone shows it as infected.
The fact is that since the compiler change, the pre-installed mobile version of Avast has wanted to detect the Evo-gen virus.
Please try to find someone who has a current Huawei phone (for me it is a P30Pro and a P10) and try to install your apk there. If everything works, I donât know what to do. But Iâm pretty sure that you will also see your app as infected.
As I have already written, I tested the app with and without extensions. If necessary, I can also provide you with my apk.
Now I just created an app that consists of only one button. This app is also shown as infected.
Ray
@Ray. Virus Total actually runs all of the anti-virus programs it lists, it does not âsearch websitesâ. There can be a difference between a web-based test and a device-based test simply because the version of the AV program could be different.
@JatiMuar We do of course test our own Apps. Letâs get things into perspective:
There are approx 400,000 unique App Inventor users per month, but only a handful reporting a virus problem. If there really was a virus in a MIT App such as the Companion APK, we would surely be getting hundreds if not thousands of reports.
Avast is mentioned a lot. There are two issues - firstly, installing a 3rd Party AV can âclashâ with the resident AV, potentially causing issues with both. Secondly, Avast has a poor reputation for false-positives amongst developers on desktop computers and so it is not surprising that this is apparently so on Android devices too.
Myself and fellow professional developers have also noted that too many mistakes are made by AV companies. You report a false-positive, itâs acknowledged and the AV âfixedâ - then a few versions later, the same issue arises againâŚ
Huawei devices are mentioned a lot in this Topic too. Huawei AV can produce false-positives but Huawei do not wish to admit that possibility. It is possible to report an issue to them, but they seem to always deny responsibility and suggest that you have not carried out their instructions properly. I believe this is actually a cultural issue as much as anything.
Iâm not going to suggest that Android is bullet-proof and canât catch a virus, but itâs structure is very secure compared to desktop Operating Systems. Google Play checks Apps too - their test might not be perfect (no test is), but it does mean the âaverageâ App downloaded from Play should be safe.
The 3rd Party AV Apps for Android are often from companies whose main market is the desktop PC running Microsoft Windows. That market has become saturated and so the chance to hop onto Android has clearly become irresistible. However, that doesnât mean those Apps are doing a good job, or anything useful at allâŚ
Hi Chris, everything you say is certainly correct.
Unfortunately, I can only repeat myself: Every, really EVERY AI app that I wrote is reported as infected on my Huawei devices. You may want to contact all available users who have a Huawei device and ask them how they are doing. They only need to install an apk that contains only a single button.
Surprising but true, I received an answer from Avast: âWe examined the file in our virus laboratory and adjusted our virus database accordingly. Since the last Avast update, the problem should no longer exist.â
Unfortunately, nothing has changed on my Huawei phones yet. Thatâs why I wrote to support again and asked at what intervals the mobile version gets updates. I am now waiting for an answer.
Not really a surprise to get an answer like that from Avast
Huawei smartphone test results are meaningless - we cannot force Huawei to update their software and although they are updating Android regularly, that doesnât mean their AV is, or is going to be. So, frankly, Huawei device Users are just going to have to use their own judgement as to whether or not a Huawei virus alarm is actually correct. Virus Total is helpful - if the majority of AV tested does not raise an alarm then that has to be good enough info for a User/Developer to say Huawei AV got it wrong, ignore their alert. I cannot see what else can be done, given Huaweiâs stance. It is quite possible that a 3rd Party AV on the same device will report the same false-positive as Huawei AV will have already flagged it.
Even on Windows Desktop, I suspect that the AV industry exaggerates danger as much as possible - one day we might find that some viruses are born within the AV communityâŚ
At least you have identified the issue lies with Hauwei devices, and not with AI2 âŚnot to say that MIT should not at least have a look at why some of the build code is flagging viruses/trojansâŚ
Note: Hauwei/Honor sold 400 million devices in the last two years, that is a lot of users to contact
⌠Actually, I do know of one really silly âdetectionâ that is carried out by some AV programs. The scenario works like this:
An actual, genuine threat is created by Mr Bad Guy using a known Compiler that identifies itself in the code or other supporting files.
This genuine virus is therefore added to the direct tests that an AV program runs. Thatâs fine.
What is not fine - they add the Compiler name or ID to their tests too, such that any software developed by anyone using the same Compiler as Mr Bad Guy gets their App flagged as containing a virus when it fact it is clean.
The above is the bain of Indy Developers who do not have the financial might to challenge the AV companies.
If you really think the compiler is compromised and that you canât trust MIT, then I ask you to check out and build App Inventor from sources here. I expect that even an app built on your own machine will still flag the virus scanner until the virus definitions on your phone are updated.
Given that App Inventorâs mission is focused on education and not primarily as a tool for people to publish apps via Google Play (you can use Android Studio for that), and given that we have a small development team, we canât dedicate resources to push back against Huawei or Avastâs issues with false positives.
Iâm sorry that you obviously misunderstood me completely. I never claimed that the AI ââplatform is actually infected. Maybe the code is now similar to an Avast mobile virus definition.
I can only say what I have experienced myself. I just wanted to point out that I have received this virus message only since this compiler change. Avast is of course responsible for correcting the virus definitions.
Anyway, I have to wait and see how Avast responds to my last request.
I have tested a simple Hello World App on a Huawei P30 Pro (VOG-LO9), Android v9 01 November 2019, and do see the same warning message.
I have removed all mention of App Inventor and MIT from the files that make up the .aia file, but that did not make any difference. There may be something in the App Manifest that the Huawei does not like but if so, it is their responsibility to tell us - but I don't think that will happen.
After build apk with mit app inventory I install it on my phone. After that I see on my phone a security message: âVirusâ from two app.
The first is my project (MaricaCard) and the second is the application MIT AI2 Companion.
The virus name is Evo-gen.
Why I see that from apk? How can I solve that?
You can write an answer in English or in Italian.
Iâm Italian so I prefer Italian language.
Here thereâre some screenshot.
If you didnât have the latest version, try updating and rescanning your device to see if it still reports MIT App Inventor. You may need to uninstall and reinstall the app as Avast might remember that it previously marked the app bad.
After compiling with nb180 NO Virus detected by pre-installed Avast on Huawei P30Pro
after compiling with nb181b VIRUS detected by pre-installed Avast on Huawei P30Pro
Honor 9 Lite is a Huawei device. See the above posts.
There is NO bug in App Inventor. This is a serious problem with Huaweiâs virus detection.
Sorry, there is no simple solution. You might be able to disable the virus checker and replace it with one from GooglePlay. When the notice appears, simply click the ignore button and enjoy your app.
