researcher

ESET Staff
  • Content Count

    8
Profile Information

  • Gender
    Male
  • Location
    Slovakia

  1. False positive reports: To submit a possible False Positive see Submit a suspicious website / potential false positive / potential miscategorization by Parental control to ESET for analysis when you wish to submit via email or use the Submit sample for analysis function from the program GUI of the ESET product installed on your computer. Whitelisting: ESET does provide a whitelisting service for software vendors by which you can submit your software to minimize the chances of false positives, e.g., when your software is being downloaded. This service is intended as a preventive measure for t
  2. ESET Research Lab can receive samples sent by users via email and also sent via the installed product running on the user’s computer. I will try to explain how the submission via our program works, what is recommended to do or what is advised to avoid. When you open the GUI of ESET Internet Security, you will find the following icon by going to Tools and clicking More Tools: After clicking the icon you will see the first window called Select sample for analysis. 1) It is recommended to read the Online Help before submitting a file for the first time. 2) Selection “Suspicious file” means
  3. When you see the name of a detection signature / threat name, then the web page is not blocked by a blacklist but by a specific detection. The website was infected and the following code was inserted into the website by hackers: When the website was infected, WordPress 4.5.3 was used. I am glad that the admin not only removed the malicious script but also updated WordPress to the recent 4.6.1 version. That's my recommendation for other owners of infected websites. It is not enough to clean the bad code, the site must be secured to prevent future reinfections. At least older versions of CMS must be upda
  4. It seems the companies were part of the same holding. Searches returned the following results in some public CVs: "Fularo Holdings (Imesh/Bearshare/Viber/Bandoo)" "Polmont Ventures Ltd: iMesh / Bearshare / iLivid / Jzip / Bandoo / People Roulette / Ftalk"
  5. Rugk, try to compare the submission from Viber's Reputation team in our forum and the submission from iLivid's Reputation and Compliance Team in the Symantec forum [ https://aka-community.symantec.com/en/forums/false-positive-ilivid ] Same people working for Viber and iLivid?
  6. OK, you have to... The main software package is available here hxxp://download.cdn.viber.com/cdn/packs/1/pack.exe (SHA1: 120a8e0c67fc82d6350f7a3d47158dc76bf25a5b *pack.exe 38 MB) This package is not detected by ESET, the classified 3rd party PUA components are not here. The file is 7Zip self extracting executable, it will extract necessary Viber program files in the folder where you run it.
  7. Interesting observation, rugk, about the possible Israeli origin. BTW, there are many advertising companies in Israel, that's probably why the Download Valley term was established. hxxp://blogs.wsj.com/digits/2014/06/04/hate-pop-up-ads-microsoft-tries-drawing-line-in-the-sand/
  8. The software vendor's website promises: "It's the right tool to protect your PC from hardware failures, conflicts, and system crashes." This is how the software behaves during our testing: And the license for the madExcept can be bought here: madshi.net/madExceptShop.htm