Jump to content
Masamunnex

Eset detected steelseries as a virus

Recommended Posts

So for some reason Eset detected SteelSeries software as a virus and i have no idea why, iv had the software since day 1 with eset and only now it detected it as a virus

C:\Documents and Settings\All Users\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\SysStatsGo.dll it says "suspicious file"

is there any reason it started now to detect it ? i need to mention i didnt re-download this program it was downloaded from the official site 2 years ago

Share this post


Link to post
Share on other sites

Please provide logs collected with ESET Log Collector. It sounds like a false positive but without logs we can't tell for sure.

Share this post


Link to post
Share on other sites
Just now, Marcos said:

Please provide logs collected with ESET Log Collector. It sounds like a false positive but without logs we can't tell for sure.

how do i give logs ?

Share this post


Link to post
Share on other sites
7 minutes ago, Marcos said:

It should be enough to upload "C:\ProgramData\ESET\ESET Security\Logs\virlog.dat"

i have a file called "virlog.dat" but it was modified on 19 of march 2019 is that the file you want ?

and if so i tried to upload it but the site wont let me

Edited by Masamunnex

Share this post


Link to post
Share on other sites

Yes, that's the file I asked for. ZIP and RAR archives can be uploaded and now you should be able to upload DAT files too.

Share this post


Link to post
Share on other sites

Couldn't it be that the files were detected by the on-demand or startup scanner? Could you upload the file that was detected? If detected by real-time protection, pause it temporarily while you upload the file (compress it into a zip or rar archive, if possible). With ELC logs we would have all necessary information at once.

Share this post


Link to post
Share on other sites
3 minutes ago, Marcos said:

Couldn't it be that the files were detected by the on-demand or startup scanner? Could you upload the file that was detected? If detected by real-time protection, pause it temporarily while you upload the file (compress it into a zip or rar archive, if possible). With ESET Log Collector logs we would have all necessary information at once.

The file was detected by an on-demand scan to be honest, the file is currently in quarantine, do i need to restore it to upload it ?

Edited by Masamunnex

Share this post


Link to post
Share on other sites
6 minutes ago, Masamunnex said:

The file was detected by an on-demand scan to be honest, the file is currently in quarantine, do i need to restore it to upload it ?

Yes please. Most likely it was just a false positive. We'll check it out and fix it, if a FP is confirmed.

Share this post


Link to post
Share on other sites
6 minutes ago, Marcos said:

Yes please. Most likely it was just a false positive. We'll check it out and fix it, if a FP is confirmed.

There you go friend

SysStatsGo.zip

Edited by Masamunnex

Share this post


Link to post
Share on other sites

Thanks, it appears to be FP made by Augur the machine-learning system which blocked the file in LiveGrid. The file has now been removed from the blacklist. We're investigating why it happened to prevent such FP in the future.

Share this post


Link to post
Share on other sites
2 minutes ago, Marcos said:

Thanks, it appears to be FP made by Augur the machine-learning system which blocked the file in LiveGrid. The file has now been removed from the blacklist. We're investigating why it happened to prevent such FP in the future.

Great to hear that Marcos, is it safe to restore the file to its original location ?

Another question if you will, if Eset blocked a site by internal blacklist, that means my PC is safe right ? Eset blocked the attemp to access that site in the first place ?

Share this post


Link to post
Share on other sites

1, Yes, it's safe to restore this file.

2, Correct. If access to a website has been blocked, the connection was terminated to protect your computer.
There was a website in your log that was blocked on June 29. We've re-checked it and the malware was no longer there so we've unblocked it as well.

Share this post


Link to post
Share on other sites
6 minutes ago, Marcos said:

1, Yes, it's safe to restore this file.

2, Correct. If access to a website has been blocked, the connection was terminated to protect your computer.

Thank you very much

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...