I'm interested in using DLL's in Delphi 5 and being new to the whole DLL 'thing' I thought I'd follow a tutorial on actually creating one first, (which can be found at
The problem is that as soon as I compile the DLL, my AV software (AVG) picks it up as a Backdoor.Bionet virus and tells me to run the main AV program to remove it. When this is done, I go back to the project folder and the newly created DLL has been deleted!
I've checked and double-checked and when my DLL is not there I do NOT have the virus anywhere else on my system - nor the files which should be there (like Procmon.exe). The expected backdoor entries in the registry are also not there. (I've spent a considerable amount of time researching Backdoor.Bionet on the net).
So, I could only assume that there was something in the DLL example which was fooling the AV software into thinking it was a malicious file. At first I suspected the 'Hello World' string, but it did the same whatever text string I used.
Just out of curiosity I decided to check if I might have an infection in the Delphi include files which weren't being picked up by AVG (doubtful I know, but I was getting desperate).
I started by commenting out each of the uses clauses one by one and by accident, I discovered that if you change the *order* of the uses clauses, the resulting DLL is not 'infected'.
For example:
uses SysUtils, Dialogs, Classes;
results in a 'virus-free' DLL, whereas the tutorial example of:
uses SysUtils, Classes, Dialogs;
makes my background AV guard throw a wobbler and I have to delete the DLL!
Has anyone else found this problem or knows what is causing it?
Barrie
The problem is that as soon as I compile the DLL, my AV software (AVG) picks it up as a Backdoor.Bionet virus and tells me to run the main AV program to remove it. When this is done, I go back to the project folder and the newly created DLL has been deleted!
I've checked and double-checked and when my DLL is not there I do NOT have the virus anywhere else on my system - nor the files which should be there (like Procmon.exe). The expected backdoor entries in the registry are also not there. (I've spent a considerable amount of time researching Backdoor.Bionet on the net).
So, I could only assume that there was something in the DLL example which was fooling the AV software into thinking it was a malicious file. At first I suspected the 'Hello World' string, but it did the same whatever text string I used.
Just out of curiosity I decided to check if I might have an infection in the Delphi include files which weren't being picked up by AVG (doubtful I know, but I was getting desperate).
I started by commenting out each of the uses clauses one by one and by accident, I discovered that if you change the *order* of the uses clauses, the resulting DLL is not 'infected'.
For example:
uses SysUtils, Dialogs, Classes;
results in a 'virus-free' DLL, whereas the tutorial example of:
uses SysUtils, Classes, Dialogs;
makes my background AV guard throw a wobbler and I have to delete the DLL!
Has anyone else found this problem or knows what is causing it?
Barrie