Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (2)

Resolved Virus Detected After PB 2019 R2 Installation

  1. Issue
0
Votes
Undo
  1. John Fauss
    John Fauss
  2. PowerBuilder
  3. Thursday, 9 April 2020 04:30 AM UTC

Late last night I installed PB 2019 R2 on a desktop running Windows 10 Pro that is current with all Windows updates which had PB 2019 R1 installed. I use Bitdefender Total Security for my anti-virus and firewall (which is also current with software updates and A/V definitions) and I do not use a VPN to connect to the Internet. Since I have not yet installed IIS Express, the installation of some components (PowerServer, for example) was not successful - and that's OK, I expected that. I really only wanted PB to be installed at this point in time.

Shortly after installation completed I received a security alert from Bitdefender with the following message:

"The file C:\Program Files (x86)\Appeon\PowerServer 2020\Toolkit\Eon6F00.tmp is infected with Gen:Variant.Application.Elex.141. The threat has been successfully blocked, your device is safe."

Since it was late, I verified that PB 2019 R2 would successfully start and accept my license, which it did. I was able to open an existing workspace (last opened in PB 2019 R1) and run the small desktop application it contains from the IDE without incident.

Has anyone else run across this post-install virus alert???

  1. Installation
  2. PowerBuilder
PB2019R2 runtime installation error & question
PB Catalog on Production Systems
Accepted Answer
Armeen Mazda @Appeon
Armeen Mazda @Appeon Accepted Answer Pending Moderation
  1. Thursday, 9 April 2020 04:53 AM UTC
  2. PowerBuilder
  3. # Permalink

Hi John,

From Google search it seems this is not a "virus"!  Your scanner is running in a "heuristic" mode and thinks this may be an "unwanted" program.  Specifically, the error message is usually correlated with "a program that contains adware, installs toolbars or has other unclear objectives." 

Obviously, we don't put Adware in our products!  Based on the folder path you mentioned, it seems your scanner is finding problem with the PowerServer Toolkit.  The PowerServer Toolkit is a toolbar that gets installed to the PowerBuilder IDE.  So I think the fact that it modifies PB and installs toolbar to it so your scanner doesn't like this.

Just FYI, we run virus scans on all our product code before we post our products to the website for customers to download.  Also, we provide hash code on the website so customers can verify the integrity of the download. 

Hope this helps resolve any concerns you may have.

Best regards,

Armeen Mazda
CEO, Appeon

Comment
John Fauss
  1. John Fauss
  2. Thursday, 9 April 2020 13:34 PM UTC
Thank you for your speedy and helpful response, Armeen! I have no doubt that you and your team do ALL you can to prevent the inclusion of malware in Appeon product and maintenance distributions. This was the first time anything of this nature has occurred. Re-reading my original post, I can see where it could easily be interpreted that I was accusing Appeon of sending out malware - this was not my intent, so i apologize to you, your team and the community for my poor choice of words.. I was concerned that this had happened and was looking for a rational explanation, which you provided. I have been and will continue to be a HUGE fan of Appeon!
  1. Helpful
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Thursday, 9 April 2020 14:38 PM UTC
Thanks for being such a huge fan, and no problem to keep things real on these forums. I just wanted to make sure other people reading through this didn’t misunderstand. Hope you enjoy PowerBuilder 2019 R2!
  1. Helpful
There are no comments made yet.
Responses (2)
Miguel Leeuwe
Miguel Leeuwe Accepted Answer Pending Moderation
  1. Thursday, 9 April 2020 04:46 AM UTC
  2. PowerBuilder
  3. # 1

H John,

"security alert from Bitdefender shown in the attached image" .. You forgot to attach it?

If it's of any comfort, I've had problems with:

- Avast antivirus complaining while installing and

- Kaspersky Free "changing" my executable during/after compiling a pb exe (silently).

I've used bit defender in the past and remember it to be quite picky too.

What I do now is: off Avast realtime detections, install and then on it again and run a full scan to make sure all is okay.

regards

Comment
John Fauss
  1. John Fauss
  2. Thursday, 9 April 2020 13:16 PM UTC
The image would not successfully attach for some reason [maybe it contains a virus? :) ], so I edited the post to supply the text instead. Thanks for your response, Miguel!
  1. Helpful
Miguel Leeuwe
  1. Miguel Leeuwe
  2. Thursday, 9 April 2020 13:29 PM UTC
:)

Have you checked (maybe in your virus vault) what happens if you upload that file towww.virustotal.com ?

I'm strongly inclined to believe what Armeen says though. Some viruses are a bit touchy with their heuristic scans.
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.