Questions? Feedback?powered byOlark live chat software
Bug 3102

CrowdStrike software flags Powerbuilde EXE as malicious 13 August, 2019

Tim Isenmann
29 July, 2019
Product: PowerBuilder Category: Third Party Software
Version: 2017 R2 Publishing: Public
Status: Reproducing Priority: P2
Classification: Resolution:
Mark Lee 13 August, 2019
Hi Tim,

Thanks for your feedback.
We will wait for your confirmation!

Regards,
Mark Lee
Chris Pollach 02 August, 2019
Hi Tim;

  No problem .. we'll leave this ticket open for you.

BTW: I am starting my vacation today. I have CC'ed in Cedric Pernet from our support team to assist you further while I am away.

Regards ... Chris
Tim Isenmann 02 August, 2019
Let's leave it open for a bit and see if CrowdStrike can solve it.  I will update this ticket as needed.
Chris Pollach 02 August, 2019
Hi Tim;

  Thank you for the feedback!
May we close this ticket?

Regards ... Chris
Tim Isenmann 02 August, 2019
Are Cyber Security team is working with CrowdStrike to resolve the issue.  They have not asked for additional information from us, so I suspect the problem is not with our PB2017 .EXE file, but rather with CrowdStrike inadvertently flagging it.
Tim Isenmann 02 August, 2019
Are Cyber Security team is working with CrowdStrike to resolve the issue.  They have not asked for additional information from us, so I suspect the problem is not with our PB2017 .EXE file, but rather with CrowdStrike inadvertently flagging it.
Chris Pollach 02 August, 2019
Hi Tim;

  We have not heard back from you for a while. Were you able to resolve this issue?

Regards ... Chris
Chris Pollach 29 July, 2019
Hi Tim;

  We have had the odd customer with this type of problem. Mostly when using the   kaspersky AV vs CrowdStrike. However, no issues with Norton, McAfee, Avast, etc and especially the "built-in" MS-Windows AV ... Windows Defender.

  I suspect that your issue is in the CrowdStrike software. I would suggest that you contact your AV vendor for a fix. The PB generated EXE does not or has nothing special in its composition that should trigger this type of AV issue.

HTH
Regards ... Chris
Tim Isenmann 29 July, 2019
*Phenomenon:  CrowdStrike software on our network is flagging a PowerBuilder 2017 .EXE file as malicious.  This is did not occure with PowerBuilder 12.5 .EXE files.


*Reproduce Steps:  With CrowdStrike anti-virus program running, attempt to open PowerBuilder 2017 created .EXE file.


Remarks:
OS:
Windows 7 
Platform:
32-bit 
Database Type:
IBM Informix 
Database Version:
11.x