Inquiry about detection of Auslogics Defrag Free Edition

[comealong 0]

Some Background info...I DL the setup.exe file from Auslogics web site,and then did a check on the file through Virus Totals web site...All AV,s came up clean with the exception of ESET..

I submitted the file to Eset,and they confirmed it as Win32/OpenCandy.A

Recently another person who has the program installed (same version) ran your Eset online scanner and the results were not the same, his came up "clean"

The discussion of this thread is here...hxxp://www.dslreports.com/forum/r28972476-Auslogics-Disk-Defrag-free-.FP-or-

I am wondering what/why the differences in the scans.....and which one to believe!!

 

Thanks

[SweX 865]

Hello and welcome

 

Maybe you could find some answers in this thread where different versions is mentioned too: https://www.wilderssecurity.com/showthread.php?t=358815

 

Edit: A member posted this in the above thread....

 

I submitted the file to ESET yesterday (20th),and received this reply from them this AM...(very fast response)  

 

Quote:.."Hello, the detection is correct. The installation package contains OCSetupHlp.dll which is detected as a potentially unsafe application. Detection of potentially unsafe applications is disabled by default and it's at users' discretion whether they want to detect them or not."  Regards,  ESET Malware Response Team

 

 Not the news I was expecting as I initially considered it a FP..  Shame on Auslogics...

 

https://www.wilderssecurity.com/showpost.php?p=2331364&postcount=38

 

What is a PUA...: hxxp://virusradar.com/en/glossary/pua

 

Grayware (or PUA - a Potentially Unwanted Application) is a broad category of software, whose intent is not as unequivocally malicious as with other types of malware, such as viruses or trojan horses. It may however install additional unwanted software, change the behavior of the digital device, or perform activities not approved or expected by the user.

 

Categories that may be considered grayware include: adware, spyware, various browser toolbars, rogue software, bundleware, trackware, or any other borderline software, or software that uses illicit or at least unethical business practices (despite appearing legitimate) and might be deemed undesirable by an end user who became aware of what the software would do if allowed to install.

A Possibly Unsafe Application is one that is in itself legitimate (possibly commercial) software but which might be misused by an attacker. Detection of these types of application can be enabled or disabled by users of ESET software.

[Marcos 3,395]

The application is detected as a potentially unsafe application (an OpenCandy dll is often bundled with free software). This detection is disabled  by default.