Kaspersky delays execution of programs compiled with Lazarus / Free Pascal

[den4b]

Kaspersky seems to have problems with binary files compiled with Lazarus IDE / Free Pascal. Every time I compile/build a project, even an empty dummy application, Kaspersky takes about 25-30 seconds to scan the binary file before allowing it to launch. This is on a powerful Core i7 @ 4GHz, where Kaspersky uses 100% of a single core during the scan.

If I don't recompile/rebuild the project, the second launch of the binary file is almost instant as Kaspersky is probably using some sort of cache and doesn't scan it second time. However, as soon as I recompile/rebuild the project, it will start the long scan again. As a temporary workaround, I had to add every binary file produced by Lazarus IDE / Free Pascal to the exclusion list in Kaspersky.

I noticed that other people are having the same issue and decided to share my findings. I have been in contact with Kaspersky support and I have good news.

Workaround:
In Kaspersky, open Settings -> Application Control -> Settings and set Maximum time to determine the application group to 1 second. However, it solves the issue only on one machine. Users of your applications as well as users/developers of all applications developed with Lazarus IDE / Free Pascal are still affected.

Solution:
The issue was confirmed by Kaspersky developers. They will be adding the Lazarus to the list of compatible programs as currently its not there.

This was experienced with Kaspersky Internet Security 2012/2013 and Lazarus 1.0.4 (FPC 2.6.0) and previous versions as far as I can remember, haven't tried 1.0.6 yet but 99.9% certain it is also affected.

I hope it helps

[Newmann]

I have the same issue with Kaspersky, but instead of adding every file I compile, I just added my entire Projects folder to the exclusions list - way faster!

Go: Settings > Advanced Settings > Threats and Exclusions > Exclusions > Settings, and click "Add". In the new window, click ""select Object", enter the root of your projects/Lazarus folder (wherever you save your files) - make sure the "include sub-folders" box is ticked, and click OK.
Leave the "Threats Type" box un-ticked, and click OK again - your folder should now be in the list of excluded items. This is the fastest way to get Kaspersky off your back for when you recompile.

Sure the initial launch on your end users machine will be slow as well (for pretty much any AV), but every time after that will be very fast. Not that I'm an expert, but I figure it has to do with the heuristic analysis of the AV engine. Once it scanned a file and knows its clean it doesn't bother again - and since you don't distribute every build to the end users it shouldn't be a problem...

This way you don't really mess with the operation of the AV when it comes to protecting the rest of your system, and you also get the compiling speed you want. 

[Leledumbo]

Want an even much faster solution? Get out of Windows

[wildfire]

Want an even much faster solution? Get out of Windows

Hardly an option if your target market are still windows users in the majority.

BTW Linux/OSX users are not immune to infections either.

[Leledumbo]

Hardly an option if your target market are still windows users in the majority.

Just cross compile, windows is easy FPC target because it has everything internally (assembler and linker). Testing can be done on wine, or a second machine. It's the development that needs to be done fast, right?

BTW Linux/OSX users are not immune to infections either.

Well it's stronger for me, at least I don't have to install antivirus whatsoever and no need to be afraid of a hidden autorun.inf gets executed when I open an inserted external device.

[wildfire]

Well it's stronger for me, at least I don't have to install antivirus whatsoever and no need to be afraid of a hidden autorun.inf gets executed when I open an inserted external device.

Are you being serious here, or am I feeding a troll?

I could say the same about windows, the best security is in your own head, but honestly you're advocating no AV for linux users because you're not that stupid to get caught out. Am I right?

[Leledumbo]

Are you being serious here, or am I feeding a troll?

Serious.

I could say the same about windows, the best security is in your own head, but honestly you're advocating no AV for linux users because you're not that stupid to get caught out. Am I right?

Half right. I'm not so stupid but linux doesn't have many of those windows security holes. Autorun is not available without installing additional program, only your own personal folder (and partitions with unsafe file system) is totally writable by default, executing special commands will require su(do) and ask you to give password. Unless you run as root all the time, many bad things simply won't find their way to your system.

[wildfire]

Unless you run as root all the time, many bad things simply won't find their way to your system.

And there's the crux. Yes Windows has it's security flaws, as does Linux (in any flavour) and any other OS. The largest being the end user. You can never account for a user's stupidity. I recall in the 80's asking what a user done in a DOS machine, he saw the program recover.exe and entered it. A few hours later we did restore the HD and the user was henceforth banned from using the computer.

I am not denying that linux is mainly more secure than windows, however with the right people windows can be made very tight. More and more people are switching to other OS's (not a bad thing) but they bring their ignorance with them, I would never suggest you don't need any security software, no matter what OS you're using.

[TurboRascal]

BTW Linux/OSX users are not immune to infections either.

I use and have used Linux for ages and NEVER ever installed an antivirus on ANY Linux desktop machine. I know of a lot of people using Linux and nobody of them haven't even had a thought of installing an antivirus, same as me. In fact, it's one of the reasons to switch from Windows to Linux that we tell people - "no disk fragmentation and no need for defragmenters, no registry errors, no viruses and no need for antivirus programs".

There is only one case I know where people use antivirus programs on Linux, and that is on file/ftp/http servers. The antivirus is not needed because of the server itself, but to protect Windows users downloading (possibly infected executable) files from it.

[wOvAN]

your compiled exes are not digitalyy signed since that kaspersky heavily  scans it. I don't remember the name of a feature but it's one of those proactives, you can switch it off or whitelist your project dir

[josepmvp_8]

I have the same issue with Kaspersky, but instead of adding every file I compile, I just added my entire Projects folder to the exclusions list - way faster!

Go: Settings > Advanced Settings > Threats and Exclusions > Exclusions > Settings, and click "Add". In the new window, click ""select Object", enter the root of your projects/Lazarus folder (wherever you save your files) - make sure the "include sub-folders" box is ticked, and click OK.
Leave the "Threats Type" box un-ticked, and click OK again - your folder should now be in the list of excluded items. This is the fastest way to get Kaspersky off your back for when you recompile.

Hi!
I am having the same problem and I did what you said but all the compiled files keep being analized by Kaspersky every time I compile or open them for the first time...
I have put my folder including subfolders with the .exe files in exclusions but it didn't work... do you know why could it be happening?!
Thank you!

[User137]

Want an even much faster solution? Get out of Windows

Or even faster solution, get rid of antivirus-software  (I haven't used 1 for many many years... well occasional scans with some tools but they find nothing.)

[Deepaak]

Want an even much faster solution? Get out of Windows

This is not a solution. this is an excuse.
because dumping windows for antivirus is not a good idea.. 

Or even faster solution, get rid of antivirus-software  (I haven't used 1 for many many years... well occasional scans with some tools but they find nothing.)

The best solution, till kaspersky add lazarus/fpc to their safe list.

[Leledumbo]

This is not a solution. this is an excuse. 
because dumping windows for antivirus is not a good idea..   

I don't dump windows for antivirus, but for other OS
Trust me, once you get the grip of other OS (which should take about the same amount of time you learn windows, maybe less), you'll feel relieved that you've left windows.

[Deepaak]

This is not a solution. this is an excuse. 
because dumping windows for antivirus is not a good idea..   

I don't dump windows for antivirus, but for other OS
Trust me, once you get the grip of other OS (which should take about the same amount of time you learn windows, maybe less), you'll feel relieved that you've left windows.

I too love linux, i had used many distros till date, but one thing is there which cannot be denied. Windows is on top, and is on priority for a developer. So form a developer point of view, a developer can not leave windows for a particular AV. Hope Kaspersky adds lazarus/fpc to their safe lists.