Symantec Suspicious.Cloud.2 Detected

Eric_Keeler
Posts: 1
Joined: Tue Jun 28, 2016 1:00 pm

Post by Eric_Keeler » Tue Mar 07, 2017 2:04 pm

Product: PrimalScript 2017, Version & Build: 7.3.100.0 (Product: PowerShell Studio 2017, Version & Build: 5.4.136.0)
32 or 64 bit version of product: 64 bit
Operating system: Windows 7
32 or 64 bit OS: 64 bit

Hello!

Upon upgrading both PrimalScript and PowerShell Studio from versions 2016 to 2017, Symantec Endpoint Protection detected a Suspicious.Cloud.2 vulnerability in the file "SAPIEN PowerShell V2 Host (Command line) Win32.exe" and quarantined the exe as a result. These files exist in both the PrimalScript and PowerShell Studio install directories listed below. In searching the forums, I have discovered that this exe has been flagged with other vulnerabilities in previous versions, but no other details were provided at that time. Symantec did not identify this upon my initial installation of the 2016 version, so I can only assume the file was whitelisted by them at some point. Are you able to provide more information as to what is in this exe that Symantec is identifying as a risk? In the meantime, I have submitted the file for review to Symantec to identify if this is a false positive, which it most likely is.

Install Directories:
C:\Program Files\SAPIEN Technologies, Inc\PrimalScript 2017\ScriptEngines\SAPIEN PowerShell V2 Host (Command line) Win32.exe
C:\Program Files\SAPIEN Technologies, Inc\PowerShell Studio 2017\ScriptEngines\SAPIEN PowerShell V2 Host (Command line) Win32.exe

Alexander Riedel
Posts: 7106
Joined: Tue May 29, 2007 4:43 pm

Re: Symantec Suspicious.Cloud.2 Detected

Post by Alexander Riedel » Tue Mar 07, 2017 4:48 pm

We continuously monitor and scan our software and computers for viruses and any other kind of malware. So far, in all cases, reports like this have been false positives.
However, we do not know or control what happens on your machine. So it is prudent for you to take the allegedly infected file and upload it to your anti-virus provider for verification. They usually have a dedicated page on their site for this sort of thing.
They can then ultimately tell you if it is a true infection or just a pattern-matching false positive.
Alexander Riedel
SAPIEN Technologies, Inc.