Product, version and build: PowerShell Studio 5.8.200
Operating system: Windows 10
PowerShell version(s): 5.1.19041.1320
I tried installing PS Studio 5.8.200 today and it was blocked by Eset 9.0.02032.6 with the message below:
**ImportModuleHelp.exe has Win32/AtlasVPN.A potentially unwanted application**
I then uploaded the installer to Virustotal and got two more hits:
**Virustotal reports: Malware.Win32.Gen.oa!s1 and Trojan.Stealer.Win32.21178**
Has anyone encountered this before? I am guessing these are false positives, but it would be nice to get confirmation.
Virustotal & Eset false positives for version 5.8.200?
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
- Alexander Riedel
Re: Virustotal & Eset false positives for version 5.8.200?
As always, we do not know what happens on your machine and you should always confirm any positive result with your antivirus vendor.
I uploaded our original source file to VirusTotal and I get BitDefenderTheta and SecureAge APEX flagging it for different things.
For the installer I get a positive on Gridinsoft and Zillya for two different things.
Unfortunately, this is not uncommon. If something is truly infected, it usually shows up on far more than 2 out of 66 engines.
Additionally, if the engines disagree on what something is afflicted with, it usually turns out to be a false positive.
Last but not least, and I do not want to step on anyone's toes here, I simply would trust the mainstream vendors more than the more obscure ones.
But as stated in the beginning, stick to due diligence and submit YOUR files to YOUR antivirus vendor for confirmation.
Alexander Riedel
SAPIEN Technologies, Inc.
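The two checks described in the reply above (how many engines flag the file, and whether their labels agree on what it is) can be sketched as a small triage helper. This is an added example, not code from the thread or from SAPIEN. The `low_hits` cut-off, the `GENERIC` token list and the engine names `engine_b` / `engine_c` are assumptions, and the result is only a triage hint ahead of confirmation by the antivirus vendor.

```python
import re
from collections import Counter

# Assumption: tokens treated as generic (platform, class, heuristic markers).
GENERIC = {"win32", "win64", "malware", "trojan", "generic", "variant",
           "heur", "suspicious", "unsafe", "application"}

def family_tokens(label):
    """Lowercase tokens of an engine label that could name a family."""
    tokens = re.split(r"[^a-z0-9]+", label.lower())
    return {t for t in tokens
            if len(t) > 3 and not t.isdigit() and t not in GENERIC}

def triage(detections, total_engines, low_hits=3):
    """detections maps engine name -> label for engines that flagged the file.

    low_hits is an assumed cut-off for "only a handful of engines".
    """
    hits = len(detections)
    votes = Counter(t for label in detections.values()
                    for t in family_tokens(label))
    family, count = votes.most_common(1)[0] if votes else (None, 0)
    agree = count >= 2          # two or more engines name the same family
    few = hits <= low_hits
    if few and not agree:
        verdict = "likely false positive"
    elif agree and not few:
        verdict = "likely true positive"
    else:
        verdict = "inconclusive"
    return {"hits": hits, "total": total_engines,
            "shared_family": family if agree else None, "verdict": verdict}

# Labels quoted in the first post; engine_b / engine_c are placeholder names.
THREAD = {"ESET": "Win32/AtlasVPN.A",
          "engine_b": "Malware.Win32.Gen.oa!s1",
          "engine_c": "Trojan.Stealer.Win32.21178"}
# Constructed contrast case: 30 engines reporting one made-up family.
CONSTRUCTED = {f"engine_{i}": f"Trojan.Win32.Examplefam.{i}" for i in range(30)}

if __name__ == "__main__":
    for name, sample in (("thread", THREAD), ("constructed", CONSTRUCTED)):
        print(name, triage(sample, total_engines=66))
```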