Latest Update Package for PSStudio 2017 sets off malware alerts

Anything you want to tell us? Praise? Criticism? Post it here. Please keep it professional and constructive.
Forum rules
Do not post any licensing information in this forum.
User avatar
kpersit
Posts: 2
Joined: Sun Mar 03, 2013 12:43 pm

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by kpersit » Mon Oct 09, 2017 1:24 pm

Alexander Riedel wrote:
Mon Oct 09, 2017 1:07 pm
If you are not packaging for the target that these products are complaining about, it is not a problem.
You need to contact your antivirus vendor. These files are not infected as far as we can tell. Our anti-virus scanners do not report them as infected and several vendors have already white listed them as we are told. But we cannot submit files ourselves to YOUR anti-virus software vendor.

IMPORTANT: Please read other user's posts and our replies. If you have the same issue, you will get the same reply. We have no control over the way your anti-virus vendor scans for patterns. We cannot submit files to them. We scan our files continuously and we have no indication of an actual verified infection with anything.
That generic reply just tells me this company has little regard for security. "As far as we can tell" is a very poor response without anything more substantial to back it up. More almost a third of the major AV vendors out there are still as of today flagging this as malware, more than a week after it was initially reported. I would think as a software company you would be proactively working with these companies as to WHY they are flagging your software instead of just repeating that the ones you run don't find anything. Have your teams completed code audits to confirm that the current build has no malicious changes that were implemented without knowledge? Case in point - the recent CCleaner malware!

User avatar
Alexander Riedel
Posts: 6325
Joined: Tue May 29, 2007 4:43 pm

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by Alexander Riedel » Mon Oct 09, 2017 1:37 pm

Why would you assume we have not done that? Of course we immediately verified that we have nothing infected. The "As far as we can tell" obviously refers to the often stated "we do not know what you do on your computer". What more substantial would you want to back this up? You are welcome to come by our office and look at the code and the build process yourself, if that is what you need to do.
Our customer's security is quite obviously of our utmost concern.
I can only recommend to contact your anti-virus vendor who has not reacted after more than a week to multiple reports of what obviously is a false positive.
We have contacted ALL anti-virus vendors in this matter. Unfortunately they do not share your or our concern for urgency and rather err on the side of caution. Which we may not like, but if you have more than 'little regard for security' you can probably understand that.
Alexander Riedel
SAPIEN Technologies, Inc.

User avatar
rheckber
Posts: 1
Joined: Wed Jul 12, 2017 9:27 am

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by rheckber » Tue Oct 10, 2017 9:49 am

I am getting the same notification from Trend Micro Office Scan (Pattern File 13.709.00)

File Name Threat File Path
SAPIEN PowerShell V2 Host (Windows Application) Win32.engine TROJ_GEN.R002C0PJ817 C:\Program Files\SAPIEN Technologies, Inc\PowerShell Studio 2017\ScriptEngines\

User avatar
Alexander Riedel
Posts: 6325
Joined: Tue May 29, 2007 4:43 pm

Re: Latest Update Package for PSStudio 2017 sets off malware alerts

Post by Alexander Riedel » Tue Oct 10, 2017 10:15 am

We are aware, thanks. A good number of these AV engines report different problems with the same file, which is generally a good indication for a false positive.
However that is never a reason to be complacent. You should always check with your AV provider.
We are working on the problem from our end, as mentioned before.
Alexander Riedel
SAPIEN Technologies, Inc.

Locked