Symantec Endpoint Protection Is Blocking Exe Files

Hi,

We’ve just upgraded to 12.1.2015.2015 version of Symantec Endpoint Protection from 11.x. After upgrade all HTML Exe files generated from HTML Executable tool are getting blocked by it. On opening them we’re getting below error. We’re using HTML Exe Version 3.6. Please suggest solution to this issue & reason why it is happening.

Regards,
Sandeep Kumar

Did you digitally sign your EXE file with a code signing certificate? Looks like you have set a restrictive “Download Insight sensitivity level” (like they say on the popup)…

Anyway, you’re still using HTMLEXE 3.6, you should upgrade to HTMLEXE 4 because we don’t support this old release anymore.

Yes, we did it. We signed it with K Software Code Signing Certificate but still Symantec is blocking it. If we upgrade to HTML 4 will this problem will get fixed.

HTMLEXE 4 doesn’t create EXE files with the same structure as HE 3.6. Moreover, it is more used by others.

Just a question: are you running Symantec Endpoint Protection on the computer that builds EXE files with HTML Executable?

Hi,

After upgrade of Symantec from 11.x version to 12.x it has started blocking exe files generated from HTML Executable 4.6 as well as 3.6. Files blocked are digitally signed with a code signing certificate. We’re running Symantec Endpoint Protection on the computer that builds, downloading & opening EXE files on intranet. Error snapshot is given below.

We submitted a false positive request in Symantec for that file & they found it clean & no virus/malware in it. GDG should contact Symantec to explain this situation & must request them to include HTML Executable tool & exe files generated from it in their whitelist using link https://submit.symantec.com/whitelist/isv/. After all you compile and market the software that is causing the problem.

Can you please do needful in this regard ?

Regards,
Sandeep Kumar

Please answer my initial question

Yes, we’re running Symantec Endpoint Protection on the computer that builds EXE files with HTML Executable. Also running it on machine on which we’re downloading & opening it.

It is strongly recommended to disable any antivirus program on a computer on which you make EXE files. For the simple reason that the antivirus may believe that when compiling EXE files with our compiler, the compiler is dropping EXE files, like a dropper.

And thus it will surely automatically classify the EXE files you build as a possible threat, and send this info automatically to his signature base in the cloud. So your EXE file is then classified as a possible threat and will be detected as such on other computers which keep signatures up-to-date.

Have you tried to upload your EXE file to http://virustotal.com ? If not, please do it and post the URL given for review.

We disabled Symantec antivirus program on computer on which we made EXE files. However when we opened generated Exe on another machine having antivirus it was again blocked by it. So it did not work.

We’ve uploaded it on Virustotal. Here is the link: https://www.virustotal.com/en/file/82e288fa47356122e2d94069d5bfd729f59dbd40917ba6368f9e34b850dbd6da/analysis/1410341349/

GDG should contact Symantec to explain this situation & must request them to include HTML Executable tool & digitally signed exe files generated from it in their whitelist using link https://submit.symantec.com/whitelist/isv/. After all you compile and market the software that is causing the problem.