Installation: What do the Powershell scripts inside of appdata\local\temp\ do?
Installation: What do the Powershell scripts inside of appdata\local\temp\ do?
We use Cylance and have Powershell scripts in temp directories blocked. I tried installing Remote Desktop Manager Enterprise and the install will fail because these random Powershell scripts are being blocked (which from a security perspective makes sense).
Example filenames:
pss823a.ps1
pssd17d.ps1
pss8c7b.ps1
My question is twofold, what are these scripts doing and can the process be changed so others aren't fighting this issue?
All Comments (3)
Hello,
I suspect that the Powershell script generated by the installter. We use those script to verify if the application is already running.
Regards
David Hervieux
I know it can't happen immediately, but is there any way to re-evaluate how this check is getting performed? Just on my end it's a huge hassle to try and convince my security team to trust my word that this is safe. I can see their side:
- A randomly generated filename Powershell script
- Running in a temp folder
- Only exists for a brief moment while the installer runs/fails then gets deleted so I/they cannot look to see what it's doing
I know you guys update frequently and as more people/companies improve their security posture this may become more of an issue as we move forward.
Hello,
This should be resolved in the next minor update.
Thank you
David Hervieux