Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: PAR::Packer generated EXE that was detected as a trojan...

by marto (Cardinal)
on Sep 15, 2018 at 06:18 UTC ( [id://1222413]=note: print w/replies, xml ) Need Help??


in reply to PAR::Packer generated EXE that was detected as a trojan...

It's not corruption. Think of pp as creating a self extracting executable. For a while pp installation failed for me on windows at the test phase, because rapidly creating exes which self extract and ran elsewhere on the system (a temp directory) triggered some rule within the AV product as something malicious. You could try specifying the target temp directory and maybe whitelist this within the product. This sort of thing has come up a few times (Sophos hates PAR::Packer!,Super Search for more). Do both systems use the same av version and definition file?

Replies are listed 'Best First'.
Re^2: PAR::Packer generated EXE that was detected as a trojan...
by swl (Parson) on Sep 15, 2018 at 07:35 UTC

    I get the same issues with Symantec Endpoint Protection. I added an exception for it in my system so it does not pester me now. Or possibly it is whitelisted in the upgrade I ran recently. Regardless, I installed PAR::Packer under Strawberry Perl 5.28.0 a few hours ago and there were no issues flagged by the AV system.

      I installed a new Win7 x86 in VMWare with Strawberry Perl 5.28.0.1 and built my EXE using pp. Guess what? It was also detected as a trojan in my Win10 x64 machine by Windows Defender!!!

      As my real box has the same version of Strawberry Perl and can generate EXE files OK, without being detected as trojan by the same machine, I think that it is something to do with x86 versions of generated executables...

      I'll try the notification to Windows Defender team road.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1222413]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (4)
As of 2024-03-28 22:28 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found