F-Secure Antivirus deletes files of Powershell Studio

This forum can be browsed by the general public. Posting is limited to current SAPIEN license holders with active maintenance and does not offer a response time guarantee.
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 11 years and 3 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
User avatar
albourne
Posts: 4
Last visit: Fri Dec 09, 2022 2:25 am

F-Secure Antivirus deletes files of Powershell Studio

Post by albourne »

Malicious code found in file C:Program Files (x86)SAPIEN Technologies, IncPowerShell Studio 2012ScriptEnginesPoshExeHostForms.exe.

Infection: Gen:Variant.Barys.2182

Action: The file was quarantined.


85 2012-11-08 13:32:03+02:00 apcy2534 ALBOURNEakanakar F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Malicious code found in file C:Program Files (x86)SAPIEN Technologies, IncPowerShell Studio 2012ScriptEnginesPoshExeHostWin.exe.

Infection: Gen:Variant.Barys.2182

Action: The file was quarantined.


86 2012-11-08 13:32:05+02:00 apcy2534 ALBOURNEakanakar F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Malicious code found in file C:Program Files (x86)SAPIEN Technologies, IncPowerShell Studio 2012ScriptEnginesPoshExeHostFormsV3.exe.

Infection: Gen:Variant.Barys.3060

Action: The file was quarantined.


87 2012-11-08 13:32:05+02:00 apcy2534 ALBOURNEakanakar F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Malicious code found in file C:Program Files (x86)SAPIEN Technologies, IncPowerShell Studio 2012ScriptEnginesPoshExeHostWinV3.exe.

Infection: Gen:Variant.Barys.3060

Action: The file was quarantined.
User avatar
davidc
Posts: 5913
Last visit: Mon Jul 08, 2019 8:55 am
Been upvoted: 2 times

F-Secure Antivirus deletes files of Powershell Studio

Post by davidc »

We scanned the files with various antivirus tools and did not find anything viruses. Sometimes antivirus scanners can mark an executable as false positives. I recommend submitting the files to your antivirus provider and ask them verify if it is indeed a False Positive.

I also attached newer version of the engines to this post. Can you verify that these also flag?

David


Attached files /FileUpload/c2/6c830e64f6119bc6cd3dee19c7d353.zip (64.9 KB)
David
SAPIEN Technologies, Inc.
User avatar
eric.morsa@isl.be
Posts: 9
Last visit: Fri Jul 23, 2021 2:41 am

F-Secure Antivirus deletes files of Powershell Studio

Post by eric.morsa@isl.be »

I have had the same problem.

I have submited it to F-secure in june 2012. They have answered :

"The file you submitted is indeed clean. A database update will be released to resolve this issue. For the meantime, you may exclude this file and installed program folder from Real-time Scanning."

I am always waiting for the upgrade.

Eric
This topic is 11 years and 3 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.