CODEWITHSUNDEEP
androidproguardantivirus
Ricardo Carmo
Ricardo Carmo

Reputation: 376

Android Proguard have some trouble with AVG Antivirus

I made an android app that always worked fine. Suddenly, the AVG Antivirus reported that my app is a malware. After a couple hours, I found the issue:

In the build.gradle, if I use the config below to generate signed APK, AVG reports (the APK) as malware:

buildTypes {
    release {
        shrinkResources true
        minifyEnabled true
        proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
    }
}

But if I comment the last line, no threat is found:

buildTypes {
    release {
        shrinkResources true
        minifyEnabled true
        //proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
    }
}

My proguard-rules.pro has nothing special:

-keepattributes Signature
-keepattributes *Annotation*
-keepattributes EnclosingMethod
-keep class io.codetail.animation.arcanimator.** { *; }
-keep class com.example.viewholders.** {
  *;
}
-keep class com.android.vending.billing.**
-keep class cn.pedant.SweetAlert.Rotate3dAnimation {
    public <init>(...);
}
-keepclassmembers class com.example.models.** {
  *;
}

I'm using Android Studio 2.2.2 and my project uses Firebase. The AVG Antivirus version that I have in my android device is 5.9.0.1.224656.

The "malware" identified by AVG is Android/gp oi bccfdd.

Is there something that I can do to solve this problem?

Upvotes: 2

Views: 402

Answers (1)

Ricardo Carmo
Ricardo Carmo

Reputation: 376

Finally I got a solution. Just to change this line:

proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'

With this:

proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'

According to Android Studio User Guide:

"Tip: For even more code shrinking, try the proguard-android-optimize.txt file that's in the same location. It includes the same ProGuard rules, but with other optimizations that perform analysis at the bytecode level—inside and across methods—to reduce your APK size further and help it run faster."

Unfortunately, as I realized, this can cause false detections of malware by antivirus.

Upvotes: 2

Related Questions