jmG-06100 Posted January 25, 2018 Report Posted January 25, 2018 Now that I have upgraded PTE to version 9.0.15, every EXE file that I create Under Windows 7 is removed for potential virus infection. Windows 7 - Business Edition; Version : 6.1.7601 That is for a single stand-alone EXE file. No problem with "Windows certified" EXE file and associated PTshow sidecar. Is that a "false positive", or do other users have similar problems of virus detection with other virus/malware detction/protection systems? https://www.f-secure.com/en/web/labs_global/home All files *.exe listed below have been created by me today, using PTE9. I have made a test with PTE8: no malicious virus detected at all. *** I have sent a simple sample suspect EXE file to. F-Secure Customer Care <customer-care@f-secure.com> and I will report any response that I may obtain from them. Quote
Lin Evans Posted January 25, 2018 Report Posted January 25, 2018 It's a false positive and the software company needs to correct their problem... Best regards, Lin Quote
Igor Posted January 25, 2018 Report Posted January 25, 2018 Thanks, We'll inform developers of F-secure about this problem. Quote
Igor Posted January 25, 2018 Report Posted January 25, 2018 We sent a report to F-secure developers. You can also send a report about false positive here: https://www.f-secure.com/en/web/labs_global/submit-a-sample Quote
jmG-06100 Posted January 25, 2018 Author Report Posted January 25, 2018 I did write that I sent a sample EXE file to F-secure and they replied: <<Greetings, Thank you for contacting F-Secure. We are in the midst of evaluating the file you submitted. We will notify you with an update once the analysis is complete. Please do not hesitate to contact us should you require further assistance. Thank you. Best regards, Shem Malware Analyst F-Secure Security Labs>> So let's hope they fix the false positive quickly. Thanks for your two rapid replies to my worry. Quote
Igor Posted January 26, 2018 Report Posted January 26, 2018 Quote Greetings, Thank you for bringing this to our attention. Our analysis indicates that the file you submitted is clean. We have identified the issue as a False Positive, which will be resolved in an upcoming database update. In the meantime, you may exclude this file from further scanning by the security product. You can do so using the following instructions: Internet Security 2015:https://community.f-secure.com/t5/F-Secure-SAFE/How-do-I-exclude-a-file-or/ta-p/56363 Client Security:https://help.f-secure.com/product.html#business/client-security/12.00/en/task_13205052E3D44C44BA2491A55A7F818F-12.00-en Policy Manager and PSB Workstation:https://community.f-secure.com/t5/Management/Excluding-objects-from-Real-Time/ta-p/66013 If you wish to manually update your security product's database, you can use the tools and instructions at:https://www.f-secure.com/en/web/labs_global/removal-tools/-/carousel/view/140 We apologize for any inconveniences that this false positive may have caused. If there is anything else we can help you with, please do not hesitate to contact us again. Best regards, Li Ken Malware Analyst F-Secure Security Labs Quote
adriano.mascherin Posted January 27, 2018 Report Posted January 27, 2018 I have the same problem with this difference: I have reinstalled PTE because I was enable to create the exe file The first time I created the exe file, but right after appear the message from F-secure that remove the file PCExecutable.dat I try to create one more time the exe file , I have un error by PTE and a warning by F-secure Pte gets stucks I think that second error is due to the file erased in the first step but, now I don't know what to do. With the PTE 8:0 I can create the exe file without problem and the antivirus does not intervene. I hope for some solution Best regards Adriano Mascherin Quote
jmG-06100 Posted January 27, 2018 Author Report Posted January 27, 2018 Adriano The simplest way to avoid the current problem, with PTE9.0.15, is to generate an EXE file that is "certified for Windows", i.e. the second option in the CREATE menu and not to create the single EXE file ("F9" shortcut). Otherwise, once you have finalised your project, you can create the single EXE file that F-secure will move to the Quarantine folder. You can then go to F-secure, look at the files in Quarantine and instruct F-secure that your EXE file is actually clean (but you will need to do that each time PTE9.0.15 generates a new EXE file). The previous release of PTE9 does not give rise to this conflict with F-secure. Maybe you can make a very short PTE project, generate the EXE file and then send it to F-secure so that they may modify their software quicker if we are many more users to complain... Quote
adriano.mascherin Posted January 27, 2018 Report Posted January 27, 2018 In my case I don't be able to create exe file, because the antivirus stop PTE. The only way is to disable the antivirus, create exe file, reactivate antivirus and exclude the antivirus control on this file. Is it really just an antivirus problem? The previous version don't give this problem. Best regards Quote
Lin Evans Posted January 27, 2018 Report Posted January 27, 2018 Yes Adriano, Did you not read the message from F-Secure? It is an antivirus problem... ============================================= "We apologize for any inconveniences that this false positive may have caused. If there is anything else we can help you with, please do not hesitate to contact us again." Best regards, Li Ken Malware Analyst F-Secure Security Labs ============================================= Best regards, Lin Quote
wideangle Posted January 28, 2018 Report Posted January 28, 2018 My antivirus is Bullguard and that is flagging similar issues and quarantining the files. The effect on my PicturesToExe 9.0.15 is that I am not able to run Previews at the moment. Regards wideangle Quote
jmG-06100 Posted January 28, 2018 Author Report Posted January 28, 2018 Hello Wideangle I'm sorry to read that yet another antivirus believes there is a malware when there ain't none ; Bullgard probably shares part of the same database as F-secure. In my case, the PREVIEW within PTE9 works fine and the only problem occurs with EXE files that I create to conclude. I have once again written to customer-care@f-secure.com to encourage them to find a solution. I also asked: <<Is there a specific signature in our EXE files that you could maybe indicate to WNsoft, the developer of PTE, who might then be able to adapt their software to avoid F-Secure false positive?>> But I do not really believe that's the way to go! Quote
jmG-06100 Posted January 28, 2018 Author Report Posted January 28, 2018 On 26/01/2018 at 12:53 PM, Igor Kokarev said: Igor, As an interim solution, is there a way for me to revert to the previous version (PTE 9.0.14) that had no conflict with F-secure? Unfortunately I did not keep a downloaded version of it, as I performed the upgrade directly. Could you please give us a link for dowload? Many thanks. Quote
wideangle Posted January 28, 2018 Report Posted January 28, 2018 Igor Same request as jmG-06100 please. Regards wideangle Quote
smithrg Posted January 28, 2018 Report Posted January 28, 2018 I hope I am not violating any rules, I have added the link to 9.0.14. Hope this helps and not against the rules, Robert. http://www.mediafire.com/file/hu44eqi2420gucw/picturestoexe 9.0.14 -setup.zip Quote
jmG-06100 Posted January 28, 2018 Author Report Posted January 28, 2018 Many thanks, smithrg. I have very quickly done the dowload to get, it seems, version 8.0.14; I then tried again and obtained the desired 9.0.14 file. Great stuff. I will now use that previous version for a while. Thanks again. P.S. I have kept both versions on my computer (I just RENAMED the newest "PicturesToExe.exe" file as "PicturesToExe_9.0.15.exe") so that I can easily use one version or the other, and check when F-secure stops giving a false positive. Quote
smithrg Posted January 28, 2018 Report Posted January 28, 2018 jmG-06100, I first made a mistake and uploaded 8.0.14, instead of 9.0.14, that is how you got the wrong link first. I wasn't fast enough with my edit to correct it before you downloaded ver.8. Best regards Quote
jmG-06100 Posted January 28, 2018 Author Report Posted January 28, 2018 All is well that ends well. Many thanks. Quote
wideangle Posted January 28, 2018 Report Posted January 28, 2018 Thank you. All behaving normally again. Regards wideangle Quote
adriano.mascherin Posted January 28, 2018 Report Posted January 28, 2018 Many thanks smithg for the previous version of PTE 9.0.14 that run normally without problem , pending the solution of 9.0.15 problem . Best regard Adriano Mascherin Quote
Lin Evans Posted January 28, 2018 Report Posted January 28, 2018 Adriano - it's not a 9.0.15 problem, it's an anti-virus false positive problem.. Lin Quote
jmG-06100 Posted January 30, 2018 Author Report Posted January 30, 2018 F-secure appear to have corrected their bug, as I have no warnings anymore on a good dozen EXE files generated by PTE 9.0.15 yesterday (similarly with PTE 9.0.16 of today). However one large EXE file (4 Giga Bytes) that I created on January 25th is still flagged as potentially harmful and blocked by the antivirus. The new version of that same file is OK now. Note that Igor has stated that PTE version 9.0.16 "Fixed problem with BitDefender antivirus due to false positive. Developers of BitDefender were informed about this problem, but solution might take several days or more. We simply rebuilt the executable files of PicturesToExe to avoid a conflict with BitDefender wrong detection. " Hopefully that will also help with F-secure, bullguard and others. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.