- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Scan result are mostly OK only 3 out of 57 virus engines search but failed 3 scanners, and I hope is false positive
File in question: PSoCProgrammerSetup_3.27.3_b3144.exe
Scan yield 2 failures :
1) Cylance : unsafe
2) NANO-Antivirus Riskware.Win32.Adw.dznqkq
3) VBA32 : BScope.Trojan.Scar Ad-Aware
Second issue :
http://www.cypress.com/documentation/software-and-drivers/psoc-programmer-3245
How come site is not HTTPS secured
Certificate show unsecured connection
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just so you know, we're checking relative to the virus report. I am 99.99% positive this is a false positive, but I have asked the engineering team to double check the .exe file.
I'm the technical marketing manager for PSoC Programmer, so the query made it pretty quickly to the right place.
I can't speak to why cypress.com is not https.
Jim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the fast response .
I do appreciate it.
Sincerely Sean
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sean,
An update regarding the virus report. Engineering has investigated. It's impossible to prove something ISN'T there, but we remain quite sure it is a false positive. We have contacted the makers of the virus checking software to see if we can learn something about what pattern they are responding to, and perhaps add another 9 to the level of certainty. There may never be a definitive answer.
One of the engineers pointed me to an interesting (?) article on false positives in HelloWorld.
Here's why the scanners on VirusTotal flagged Hello World as harmful | CSO Online
One of them is Cylance, which you reported here. I have a suspicion that the underlying machine learning has identified "things that work at low level" as potential problems. And there is no doubt that PSoC Programmer is designed to modify a system at its most basic, by overwriting flash. So the engine behind Cylance (and likely the others) is seeing what it considers suspicious behavior, and defaults to "this may not be safe."
Anyway, we are still investigating, because we take this seriously. Thanks again for the report.
Jim