I received the following reply from McAfee for my submission of the exe created by Powerbuilder 2022.   

*******************************************************************

Dear Sir/Madam,

Thank you for contacting us.

We have reviewed your submission for whitelisting of your software and the submitted files have been Whitelisted.

Regards,                       

McAfee Data Submission Team

On further observation,

1.  We created a 64bit exe, in the same machine which created 32-bit exe, which was not deleted by McAfee.   We repeated the process, where we found that McAfee deletes only 32-bit exe and NOT 64-bit exe.

2.  We copied 32-bit application, to another machine, which runs Windows 7, with the same version of McAfee [updated to the latest version].   McAfee didn't delete the application and it's working fine.

3.  We copied 32-bit application to another machine, which runs Windows 10, with the same version of McAfee [updated to the latest version].  McAfee deleted the 32-bit exe.  64-bit exe works fine.

Windows 10                 32-bit               Deleted
Windows 10                 64-bit               Works Fine
Windows 7                   32-bit               Works Fine
Windows 7                   64-bit               It didn't get deleted, but it didn't run.

Note:  I'vent updated [drivers, dlls etc] this application for 64-bit.

Happiness Always
BKR Sivaprakash

This answer is for @mike S.

Yes. The antivirus removes the exe right after the files is created and the first bytes are written (don't know how many - have no access to see). 

Follows a screenshot:

The first incident is when compiling with PBAutoBuild220. Then second on is with PBC220.

Last lines PBAutoBuild220 shows:

12:07:06 [Normal]       Rebuild complete.
12:07:06 [Warning] pfcapsrv.pbl(pfc_n_cst_conversion).pfc_n_cst_conversion.of_pdfmethod.68: Warning     C0240: The XSLFOP! export method is no longer supported. If used for export, it will be directly changed to Distill!.
12:07:06 [Warning] pfcapsrv.pbl(pfc_n_cst_conversion).pfc_n_cst_conversion.of_string.61: Warning     C0240: The XSLFOP! export method is no longer supported. If used for export, it will be directly changed to Distill!.
12:07:06 [Error] Create of executable file failed
12:07:06 [Error] Creation of executable failed with a link error
12:07:06 [Error] Failed to compile the target file. File name: C:\Dev\DWSyntaxModifier\dwsyntaxmodifier.pbt
Bye (-_-)

Last lines PBC220 shows:

        Rebuild complete.
 Library: c:\dev\dwsyntaxmodifier\pfcapsrv.pbl     Object: pfc_n_cst_conversion         Function: pfc_n_cst_conversion::of_pdfmethod             (0068): Warning     C0240: The XSLFOP! export method is no longer supported. If used for export, it will be directly changed to Distill!.         Function: pfc_n_cst_conversion::of_string             (0061): Warning     C0240: The XSLFOP! export method is no longer supported. If used for export, it will be directly changed to Distill!.Create of executable file failed
Creation of executable failed with a link error

I repeat, the error happens when linker tries to write the first bytes in exe... You can see that in PBAutoBuild220 where rebuild time is equal to executable creation error time.

Same issue happens when compiling from PB. But only in 32-bit.

Andreas.

Anti virus doesn't seem to like Appeon very much. I've had many problems with PB versions since Appeon took over. I'm not saying it's Appeon's fault. I really, really dislike Avast, but that's what I'm dealing with. I've seen similar false positives with .Net applications.

The other day I created and executable and ran it. As usual, Avast first has to check it and it was approved to be safe. Then whilst running the app, I suddenly get a virus warning after having opened some windows.

Created the same executable again and never got a warning again.

I'll add my folders for PB executables to the exceptions list, but using exceptions kind of destroys the benefits of having an anti virus.

just my 2cts.

Hi.

A question for those who's answer is "sign the exe".

In my case, when using PB 2022, the exe isn't created at all when deploying in 32-bit... Our antivirus is Check Point Endpoint Security...

Here is what I see in the IDE:

 ---------- Deploy: Deploy of project p_dwsyntaxmodifier   (9:42:12 πμ)
Creating executable file . . .
Inspecting Application Dependencies...
[...]
Inspecting application libraries...
 ---------- Finished Deploy of project p_dwsyntaxmodifier   (9:43:06 πμ)

 ---------- Linker: Errors   (9:43:06 πμ)
Create of executable file failed
 ---------- Finished Errors   (9:43:06 πμ)

So there is no way to sign a file that was never created.

What is your advice for such a situation? Why this only happens in PB 2022 when deploying in 32-bit?

Of course, as the exe isn't generated there is no way to report a false positive. It seems that exe creation is terminated by antivirus at the very beginning of linkage stage.

I mention that it work fine in:

• PB 2019 R3 32-bit and 64-bit.
• PB 2021 32-bit and 64-bit.
• PB 2022 64-bit.

On my laptop (where I have a different antivirus - bitdefender), it works fine in all cases mentioned.

Andreas.

sign the exe.  

It definitely stopped McAfee from deleting our PB generated exe in PB 2017 (PB 12.x and prior it had no problems with).  haven't tried it with newer builds but i assume it will be the same.  

Report the false positive to McAfee so they improve their algorithms in future updates to not flag it.  In meantime, you are correct you need to add to exclusion list.