develooper Front page | perl.par | Postings from December 2018

[rt.cpan.org #127918] PAR::Packer produces executable with virus

Thread Previous
From:
Jeff Hemmerling via RT
Date:
December 5, 2018 01:36
Subject:
[rt.cpan.org #127918] PAR::Packer produces executable with virus
Message ID:
rt-4.0.18-9274-1543973756-690.127918-15-0@rt.cpan.org
Tue Dec 04 20:35:56 2018: Request 127918 was acted upon.
Transaction: Ticket created by jeff@hemmerling.net
       Queue: PAR-Packer
     Subject: PAR::Packer produces executable with virus
   Broken in: (no value)
    Severity: (no value)
       Owner: Nobody
  Requestors: jeff@hemmerling.net
      Status: new
 Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=127918 >


Windows Defender and Antiy-AVL are reporting that all executables
produced by Packer contain a virus (report from virustotal.com):

Microsoft:  Trojan:Win32/Skeeyah.A!rfn
Antiy-AVL:  Trojan/Win32.Miner

It also reports that "boot.exe", the Packer intermediate file, also has
this virus.  This caused the installation to fail because "boot.exe"
got quarantined as soon as it was produced.  After white-listing the
entire perl tree, installation succeeded.

We use Packer to produce a complete executable for the convenience of
our customers.  While our developers can tell Windows Defender to
ignore these files, our customers can not be expected to do the same.
Since Defender is commonly used, this is a big issue.

Any idea of a work around?
Have others encountered this issue?

Thank you.

-- 
-- Jeff Hemmerling

Thread Previous


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About