dscom32.exe is getting flagged as malicious

[berk-csi]

Hi!

As of today (6/7/2024), https://www.virustotal.com is flagging dscom32.exe (v1.10.0) as malicious by 3 out of 73 engines:

https://www.virustotal.com/gui/file/d3dbf44f87859d7410a8216e0b42536a9dd78b4265debbef16d6ac107aee6391

Earlier this week it was 10 out of 73 engines one of which was BitDefender. Our IT director filed a false positive report to BitDefender which seems to have helped but not fully resolved the false positives.

Strangely, dscom.exe (v1.10.0) is not flagged at all:

https://www.virustotal.com/gui/file/01e88ce60d43a9ab718fae315f3f72706c2d914faa8b5af9cfcff5b4703a4948

We are shipping both utilities with our product and our dealers got concerned about the false positives on dscom32.exe. Any help clearing them out is appreciated!

Thanks...

Berk

[marklechtermann]

That is strange.
Perhaps it will help if you compile the exe yourself and sign it with a certificate.
Both exe's are built via a GitHub action and should be clean as long as GitHub does everything right.
I can understand why virus scanners find executables that generate registry entries and make Com-Interop ‘interesting’.

@SOsterbrink Can you ask our IT department if they know a solution?

[berk-csi]

After signing dscom32.exe (v1.10.0) with our company certificate all of the 73 engines clear it:

https://www.virustotal.com/gui/file/b800e5eb9942277b595bf4adf6dafcbdccd8a287d82fa512df6469b70555c885?nocache=1

Thanks for the advice!

Berk