Latest Update Package for PSStudio 2017 sets off malware alerts

Anything you want to tell us? Praise? Criticism? Post it here. Please keep it professional and constructive.
Forum rules
Do not post any licensing information in this forum.
This topic is 6 years and 5 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
kpersit
Posts: 2
Last visit: Thu May 04, 2023 9:49 am

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by kpersit »

Alexander Riedel wrote: Mon Oct 09, 2017 1:07 pm If you are not packaging for the target that these products are complaining about, it is not a problem.
You need to contact your antivirus vendor. These files are not infected as far as we can tell. Our anti-virus scanners do not report them as infected and several vendors have already white listed them as we are told. But we cannot submit files ourselves to YOUR anti-virus software vendor.

IMPORTANT: Please read other user's posts and our replies. If you have the same issue, you will get the same reply. We have no control over the way your anti-virus vendor scans for patterns. We cannot submit files to them. We scan our files continuously and we have no indication of an actual verified infection with anything.
That generic reply just tells me this company has little regard for security. "As far as we can tell" is a very poor response without anything more substantial to back it up. More almost a third of the major AV vendors out there are still as of today flagging this as malware, more than a week after it was initially reported. I would think as a software company you would be proactively working with these companies as to WHY they are flagging your software instead of just repeating that the ones you run don't find anything. Have your teams completed code audits to confirm that the current build has no malicious changes that were implemented without knowledge? Case in point - the recent CCleaner malware!
User avatar
Alexander Riedel
Posts: 8479
Last visit: Thu Mar 28, 2024 9:29 am
Answers: 19
Been upvoted: 37 times

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by Alexander Riedel »

Why would you assume we have not done that? Of course we immediately verified that we have nothing infected. The "As far as we can tell" obviously refers to the often stated "we do not know what you do on your computer". What more substantial would you want to back this up? You are welcome to come by our office and look at the code and the build process yourself, if that is what you need to do.
Our customer's security is quite obviously of our utmost concern.
I can only recommend to contact your anti-virus vendor who has not reacted after more than a week to multiple reports of what obviously is a false positive.
We have contacted ALL anti-virus vendors in this matter. Unfortunately they do not share your or our concern for urgency and rather err on the side of caution. Which we may not like, but if you have more than 'little regard for security' you can probably understand that.
Alexander Riedel
SAPIEN Technologies, Inc.
User avatar
rheckber
Posts: 1
Last visit: Mon Jan 30, 2023 5:06 pm

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by rheckber »

I am getting the same notification from Trend Micro Office Scan (Pattern File 13.709.00)

File Name Threat File Path
SAPIEN PowerShell V2 Host (Windows Application) Win32.engine TROJ_GEN.R002C0PJ817 C:\Program Files\SAPIEN Technologies, Inc\PowerShell Studio 2017\ScriptEngines\
User avatar
Alexander Riedel
Posts: 8479
Last visit: Thu Mar 28, 2024 9:29 am
Answers: 19
Been upvoted: 37 times

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by Alexander Riedel »

We are aware, thanks. A good number of these AV engines report different problems with the same file, which is generally a good indication for a false positive.
However that is never a reason to be complacent. You should always check with your AV provider.
We are working on the problem from our end, as mentioned before.
Alexander Riedel
SAPIEN Technologies, Inc.
This topic is 6 years and 5 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked