• You are here:  
  • Home
  • Q&A
  • Q&A
  • PowerBuilder
  • Deployed Apps threated as Virus threat and removed by the AV

Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (3)

Resolved Deployed Apps threated as Virus threat and removed by the AV

  1. How-to
0
Votes
Undo
  1. Dexter Madrinan
    Dexter Madrinan
  2. PowerBuilder
  3. Thursday, 7 October 2021 12:24 PM UTC

Hi Sir,

 

We had an issue regarding our deployed app build from PB2019R3 where our application (.exe) was removed automatically by the Antivirus. Can someone give us advice on how to handle this and resolved our problem? Is code signing from the authority store will able to resolve this issue?

 

Regards,

 

Dexter 

 

 

Annoying privacy page keeps opening up on Chrome.
Using dw.Object.column error after compile using p...
Responses (3)
Miguel Leeuwe
Miguel Leeuwe Accepted Answer Pending Moderation
  1. Friday, 22 October 2021 12:06 PM UTC
  2. PowerBuilder
  3. # 1

We are having sometimes problems and sometimes not (with the same application). The other day, once again I got Avast telling me there was a virus after pausing on the login window (no virus detected sofar !), since the database was down and had to login on the server to start the oracle instance. When typing in my password again in the app, I got this:

So this happens like "random". I could complain with Avast, but it seems I'm going to have to keep complaining for every release of Appeon and every release of our executables. For development, I just exclude the folders, but yes ... if this starts to happen on customers we'll have to sign the apps and cross our fingers they don't use Avast.

WHY does this not happen with pb12.6 executables? I still feel that Appeon could / should do something about this.

 

best regards.

 

 

Comment
Load more comments
Miguel Leeuwe
  1. Miguel Leeuwe
  2. Saturday, 23 October 2021 19:20 PM UTC
You are probably right. Especially since we only do an exe with all the rest pbd files.

regards
  1. Helpful 1
mike S
  1. mike S
  2. Sunday, 24 October 2021 12:07 PM UTC
I know on my applications that the AV is activated when my apps connect to a database.

i believe any app using sockets/tcpip for any reason gets flagged by AV
  1. Helpful
Miguel Leeuwe
  1. Miguel Leeuwe
  2. Sunday, 24 October 2021 16:10 PM UTC
That makes sense: It didn't show any AV message until I connected to the database in the login window. How strange though that it only happens sometimes.
  1. Helpful
There are no comments made yet.
Dexter Madrinan
Dexter Madrinan Accepted Answer Pending Moderation
  1. Sunday, 10 October 2021 02:33 AM UTC
  2. PowerBuilder
  3. # 2

Ok Armeen, I will try your advice. thanks a lot.

Comment
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Sunday, 10 October 2021 03:19 AM UTC
You're very welcome.
  1. Helpful
There are no comments made yet.
Armeen Mazda @Appeon
Armeen Mazda @Appeon Accepted Answer Pending Moderation
  1. Thursday, 7 October 2021 14:38 PM UTC
  2. PowerBuilder
  3. # 3

Hi Dexter,

I recommend to do the following things:

1. Sign your application .EXE with a trusted certificate.

2. Sign all external DLLs with at trusted certificate.

3. Include built-in manifest file.

4. Report the false positive to the A/V vendor.

5. If problem keeps happening switch to different A/V vendor.

Best regards,
Armeen

Comment
Benjamin Hübner
  1. Benjamin Hübner
  2. Friday, 22 October 2021 08:11 AM UTC
Hi Armeen,



which certificate provider can you recommend?

And which tool can be used for signing the .EXE and DLLs?



Regards,

Benjamin
  1. Helpful
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Friday, 22 October 2021 08:23 AM UTC
Any relatively popular one is fine. Just use the Windows signtool.exe.
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.