Jump to content

Archived

This topic is now archived and is closed to further replies.

Senzorei

steam_api.dll

Recommended Posts

Hello everyone, haven't been here in a long time and I'm happy to be here again. That aside, my ESET NOD 32 4.0.417.0 signature DB 9040 detects a variant of Win32/HackTool.Crack.BL Potentially unsafe application in the file steam_api.dll (https://www.virustotal.com/en/file/1827e9eb9417bec0d9869ba6a36d62b48f548dbb30c881dbf47ee1cb38304eb2/analysis/1384354621/).

This steam_api.dll came from a torrent which included a crack provided with a game (XCOM: Enemy Within). I'm not sure whether this is a false positive (which seems unlikely) or a legitimate virus. Also, someone explain how can I upload samples (ESET doesn't want any potentially malicious files on their forums, but we need a way to send samples for other people to inspect) and why can't I submit files for analysis from the quarantine menu (It displays a pop-up with the title "Threatsense early warning system" and contains "Submission of suspicious files is currently disabled. File was placed in cache."). Thank you in advance.

Share this post


Link to post
Share on other sites

Cracks with a suspicious behavior that are likely to trigger heuristic detection are detected as potentially unsafe applications. Detection of pot. unsafe applications is disabled by default as they mainly cover legit tools that can be misused for malicious purposes in the wrong hands. If you want to keep the PUA detection, you can exclude the dll from scanning.

 

In the future, you can submit samples to ESET as per the instructions here (not necessary in this case as it's apparently a crack / hack tool).

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...