Search the Community
Showing results for tags 'sample'.
-
I send this email 4 days ago and also yester day as follow but no reaction from ESET. such these fake servers must be blacklist very fast so they can not sell their fake license. I hope that in V8 ESET do not let users to crack AV and set their own update servers. We find these illegal update servers in ME region that their admin generate a FAKE user/pass and sell that to users for 10$/year . So ESET must blacklist their update servers so users could not update from this illegal update server. Also ESET must block their selling website that we listed below. While these fake resellers are active many users may become their victims : Edited ***** We think that ESET must block their update servers and also block their Domain that use for Fake activate and Fake Selling.
-
Hi dear ESET Moderators. Our network is infected with a virus that we send it to samples@eset.com but after 48 Hours we had no answers and virus is undetected. Sorry for Attaching samples here but we have not any other way. over 200 Pcs of our company are infected !!! VT report of this sample : https://www.virustotal.com/en/file/068c906a6c5777806519fe20ea5902d971008427dd56c11ec9a47905433aef49/analysis/1402255492/ Pass : infected Why ESET do not reply mail that we send to samples@eset.com ?
-
Hello everyone, haven't been here in a long time and I'm happy to be here again. That aside, my ESET NOD 32 4.0.417.0 signature DB 9040 detects a variant of Win32/HackTool.Crack.BL Potentially unsafe application in the file steam_api.dll (https://www.virustotal.com/en/file/1827e9eb9417bec0d9869ba6a36d62b48f548dbb30c881dbf47ee1cb38304eb2/analysis/1384354621/). This steam_api.dll came from a torrent which included a crack provided with a game (XCOM: Enemy Within). I'm not sure whether this is a false positive (which seems unlikely) or a legitimate virus. Also, someone explain how can I upload samples (ESET doesn't want any potentially malicious files on their forums, but we need a way to send samples for other people to inspect) and why can't I submit files for analysis from the quarantine menu (It displays a pop-up with the title "Threatsense early warning system" and contains "Submission of suspicious files is currently disabled. File was placed in cache."). Thank you in advance.
- 1 reply
-
- quarantine
- cleaning
-
(and 2 more)
Tagged with:
-
Hello, I did some research on the file GuardMailRu.exe and in this site (respecively: habrahabr.ru/post/149636/ ) it says that it adds a toolbar to IE, Firefox and Opera browsers, which I can confirm since 1 account on this machine (respectively the one that installed something that I'm unaware of which also installed the toolbar) has the toolbar on IE, Firefox and Opera. I hope that you can inspect these files and possibly find a solution. P.S. The file runs on the System privilege level and when i tried to terminate the program it executed (approx.) 3000 more executables with the same filename. I sent an archive with these files for inspection. The installation folder consisted of these branches. CASE SENSITIVE Mail.ru-----Guard-------GuardMailRu.exe | |__GuardMailRu.dll Sputnik |____mailrusputnik.exe |____MailRuSputnik.dll |____SputnikFlashPlayer.exe For some reason it doesn't allow me to upload the files, but I sent them for inspection.
-
Hi ESET, I have been forced to re write this post as my previous post was closed before I had the chance to answer, also the post I made around 20 minutes ago was also deleted. " The software in question is not detected as malware (ie. virus, trojan, etc.) but as a potentially unwanted application (PUA). The software was analyzed in ESET's malware research lab and was found to meet criteria for PUA detection. Detection of PUA is fully optional, and it's up to the user if they want to opt for detection or not. Even with PUA detection enabled, the user can exclude the application from scanning so that it's not detected. Having said that, we'll draw this thread to a close." As mentioned by Marcos It is detected as a PUA now if you do a scan on virustotal for any of sites, including our homepage you will find that only ESET blocks this with the term "Malware site" ESET has also blocked our IP so nobody who has purchased our software can use it. This is a very urgent matter as we are getting hundreds of emails from our paying customers wanting to use the software. I would also like to ask is there any reason that we are receiving a different treatment to anyone else? What I mean by this statement is when ever we open a post it is closed with an answer that doesn't allow me to respond, and I noticed this doesn't happen to anyone else. I also noticed that when I posted in another topic, I was told to stop stealing threads, which can be seen here. https://forum.eset.com/topic/271-my-website-is-blocked-by-smart-security/#entry1051 I then took a look at a thread posted earlier this month, and noticed people were getting serious answers and not being told to stop "hijacking threads" but got actual answers from ESET moderators. The example can be seen in the link below. https://forum.eset.com/topic/250-eset-has-blocked-my-site-what-to-do/ All I am trying to get done is for ESET to remove the IP block on its servers and actually block individual sites that they have a problem with (if there are any we will get them fixed straight away) I pleed with ESET to provide any assistance with this and to provide any information that can assist us in fixing the issue. We have sent over 50 emails to samples@eset.com and I know there is no response but they are for URLs that are clearly safe such as our home page, buy page, etc. This can be seen on virustotals scan. You will see that only ESET has us blocked on more than 15 links. I hope we can get this fixed ASAP and thank you for taking the time to respond to my post. I would also like to apologize to the ESET moderators for any confusion or anything that WhiteSmoke has done to create such any form of "hate" by them. Once again, thank you, WhiteSmoke Inc.
- 1 reply
-
- false positive
- adware
-
(and 2 more)
Tagged with:
-
hxxp://www.2shared.com/file/tQ QH9PNE/1231322131243142.html Rar password:123 DO NOT RUN IT