Search the Community

Hi, I use this applictation for look my TS 3 : https://play.google.com/store/apps/details?id=com.game_state.ts3viewer&hl=en But today eset (free version) do a warning : https://www.virustotal.com/en/file/ac732df9c6789990e63f1b86f87b61ee2fd1f98710f034299a3d6936e3b43aa4/analysis/ I don't understand why it is potentially unsafe or may be false positive ? Thank you for help.

Hello. My name is Stanley and I am the developer of Polarity Browser. A couple of my users have informed me that Polarity is being detected as a false positive by ESET. According to my scans on VirusTotal, it is currently detected as a "variant of MSIL/Packed.Confuser.J suspicious". Polarity is indeed compressed and obfuscated to protect it from theft. VirusTotal results: https://www.virustotal.com/en/file/2655c02f1b29872f55572847cc97064888a41aa97718f40d3fe49b1630400ceb/analysis/1440980966 I hope you guys understand and reevaluate this program. It really does mean a lot to me as a solo developer. Thank you for your consideration, Stanley

Merhaba (Hi), ESET virus was not detected. maybe you want to add to the database, I share with you the file link. I want to help you. It's worth adding to your database. I help you, eset virüs database + Many people have a difficult time remaining Many people have a difficult time remaining. Many people have a difficult time remaining Virüs: Dosyalarım.exe link: hxxp:// www18.zippyshare.com/v/amEh6ikY/file.html thanx, I help you I help you It's worth adding to your database It's worth adding to your database It's worth adding to your database It's worth adding to your database

Hi Guys, what happened to this awesome signature? It took out 95% of the mails - so i would love to see get it back. Was it removed from data base because of larger numbers of false positives? Best Regards

Hello everyone, haven't been here in a long time and I'm happy to be here again. That aside, my ESET NOD 32 4.0.417.0 signature DB 9040 detects a variant of Win32/HackTool.Crack.BL Potentially unsafe application in the file steam_api.dll (https://www.virustotal.com/en/file/1827e9eb9417bec0d9869ba6a36d62b48f548dbb30c881dbf47ee1cb38304eb2/analysis/1384354621/). This steam_api.dll came from a torrent which included a crack provided with a game (XCOM: Enemy Within). I'm not sure whether this is a false positive (which seems unlikely) or a legitimate virus. Also, someone explain how can I upload samples (ESET doesn't want any potentially malicious files on their forums, but we need a way to send samples for other people to inspect) and why can't I submit files for analysis from the quarantine menu (It displays a pop-up with the title "Threatsense early warning system" and contains "Submission of suspicious files is currently disabled. File was placed in cache."). Thank you in advance.

Hello, I did some research on the file GuardMailRu.exe and in this site (respecively: habrahabr.ru/post/149636/ ) it says that it adds a toolbar to IE, Firefox and Opera browsers, which I can confirm since 1 account on this machine (respectively the one that installed something that I'm unaware of which also installed the toolbar) has the toolbar on IE, Firefox and Opera. I hope that you can inspect these files and possibly find a solution. P.S. The file runs on the System privilege level and when i tried to terminate the program it executed (approx.) 3000 more executables with the same filename. I sent an archive with these files for inspection. The installation folder consisted of these branches. CASE SENSITIVE Mail.ru-----Guard-------GuardMailRu.exe | |__GuardMailRu.dll Sputnik |____mailrusputnik.exe |____MailRuSputnik.dll |____SputnikFlashPlayer.exe For some reason it doesn't allow me to upload the files, but I sent them for inspection.

Hi ESET, I have been forced to re write this post as my previous post was closed before I had the chance to answer, also the post I made around 20 minutes ago was also deleted. " The software in question is not detected as malware (ie. virus, trojan, etc.) but as a potentially unwanted application (PUA). The software was analyzed in ESET's malware research lab and was found to meet criteria for PUA detection. Detection of PUA is fully optional, and it's up to the user if they want to opt for detection or not. Even with PUA detection enabled, the user can exclude the application from scanning so that it's not detected. Having said that, we'll draw this thread to a close." As mentioned by Marcos It is detected as a PUA now if you do a scan on virustotal for any of sites, including our homepage you will find that only ESET blocks this with the term "Malware site" ESET has also blocked our IP so nobody who has purchased our software can use it. This is a very urgent matter as we are getting hundreds of emails from our paying customers wanting to use the software. I would also like to ask is there any reason that we are receiving a different treatment to anyone else? What I mean by this statement is when ever we open a post it is closed with an answer that doesn't allow me to respond, and I noticed this doesn't happen to anyone else. I also noticed that when I posted in another topic, I was told to stop stealing threads, which can be seen here. https://forum.eset.com/topic/271-my-website-is-blocked-by-smart-security/#entry1051 I then took a look at a thread posted earlier this month, and noticed people were getting serious answers and not being told to stop "hijacking threads" but got actual answers from ESET moderators. The example can be seen in the link below. https://forum.eset.com/topic/250-eset-has-blocked-my-site-what-to-do/ All I am trying to get done is for ESET to remove the IP block on its servers and actually block individual sites that they have a problem with (if there are any we will get them fixed straight away) I pleed with ESET to provide any assistance with this and to provide any information that can assist us in fixing the issue. We have sent over 50 emails to samples@eset.com and I know there is no response but they are for URLs that are clearly safe such as our home page, buy page, etc. This can be seen on virustotals scan. You will see that only ESET has us blocked on more than 15 links. I hope we can get this fixed ASAP and thank you for taking the time to respond to my post. I would also like to apologize to the ESET moderators for any confusion or anything that WhiteSmoke has done to create such any form of "hate" by them. Once again, thank you, WhiteSmoke Inc.