• You are here:  
  • Home
  • Q&A
  • Q&A
  • PowerBuilder
  • Powerbuilder 2017 R3 Executables being block by Cylance

Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (2)

Resolved Powerbuilder 2017 R3 Executables being block by Cylance

  1. Issue
0
Votes
Undo
  1. Thomas Chiu
    Thomas Chiu
  2. PowerBuilder
  3. Friday, 20 September 2019 15:01 PM UTC

Does anyone use Cylance as a anti-virus/anti-malware tool?  Our company migrated from Trendmicro to Cylance and all of a sudden (on Windows 10 PCs), some of our Powerbuilder compiled executables are now being blocked by Cylance and deemed as unsafe.  

Even our simplest applications where it interacts with a SQL Server database through datawindows are being blocked.  From what I understand, Cylance uses a combination of behaviors and virus signatures to detect if an application is deemed dangerous.  

I'm just curious if anyone else has ran into this issue.  We are having to manually unblock all of our applications within Cylance right now to get our applications to work.  

**Update on some discoveries I made.  I created a brand new PB application.  One blank window and the open event of the application opens the blank window.  The very first time I compiled the application to create the executable, Cylance immediately marked it as "Dangerous" and quarantined the .exe file. 

I'm curious now on if Powerbuilder 2017 R3 is the culprit here.  Maybe something to do with how PB compiles the application that makes Cylance think it is somehow dangerous.  

Install powerbuilder 2019 r3 problem: Another inst...
Missing borders in Windows 10
Responses (2)
Miguel Leeuwe
Miguel Leeuwe Accepted Answer Pending Moderation
  1. Saturday, 21 September 2019 04:20 AM UTC
  2. PowerBuilder
  3. # 1

Hi, 

At home, I was using Kaspersky Free Antivirus. Even the simplest genapp application that I compiled with PB, no db access or anything weird, would not work.

I'd compile the project to create the executable, without any errors. Then when running the exe nothing would happen, nothing no error message, no event viewer log entry. 0.

I sent it as a bug to Appeon and they told me that the executable size was different of when they generated it.

In other words, I had to uninstall Kaspersky Free and now everything works fine.

Maybe, like David said, I could have simply added an exception for Appeon to Kaspersky, but in my opinion, the more exceptions you add to antivirus, the less protective they are. If appeon itself would get infected, Kaspersky wouldn't find that, so I've gone for the option of simply using the windows Defender.

 

Comment
Thomas Chiu
  1. Thomas Chiu
  2. Monday, 23 September 2019 12:28 PM UTC
Miguel,

Thank you for sharing your experience. Looks like I'm going to have to make exceptions for all of our applications on Cylance's side of things. Thanks again!
  1. Helpful
There are no comments made yet.
David Peace (Powersoft)
David Peace (Powersoft) Accepted Answer Pending Moderation
  1. Friday, 20 September 2019 15:11 PM UTC
  2. PowerBuilder
  3. # 2

Hi

Not your antivirus specifically. With our Hotel software we have hit this with a number of antivirus tools and you just need to put in a exception to get over it.

Can you set up a group policy to push out the exception on your network?

Just a thought.

Regards

David

Comment
Thomas Chiu
  1. Thomas Chiu
  2. Friday, 20 September 2019 15:32 PM UTC
David,

Thanks for sharing your experience. Yes we already have group policies in place to do various things. It is just a bit annoying because it seems to be random. Some of our compiled executeables work while others are blocked with virtually no indication on why Cylance is flagging it as dangerous. It is easy enough to have our security team unblock the applications, but it seems to be unpredictable at best.
  1. Helpful
mike S
  1. mike S
  2. Friday, 20 September 2019 17:15 PM UTC
AV usually seems to flag the port access to sql server (or other databases)
  1. Helpful
Satya Yendamuri
  1. Satya Yendamuri
  2. Tuesday, 2 February 2021 05:37 AM UTC
I had the same problem. My company uses Cylance antimalware/virus tool. For me it never allows me to create a successful executable. The IDE terminates when it is writing the files and then when I see the Cylance tray the .exe file was already caught there and moved to quarantine.



My question: Would it still block from creating executable, at least I should be able to finish creating executable successfully and then block the .exe later right? Why am I not able to build the executable successfully?
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.