Jump to content

VAG K+CAN Commander detected as virus


Recommended Posts

  • Dakmp changed the title to VAG K+CAN Commander detected as virus

The results Eset show are very different on VirusTotal and when it's installed on my pc. The version of Eset Internet Security on VirusTotal looks unrelated or unofficial.

Link to comment
Share on other sites

Here's a thread from 2007 on the Themida issue: https://www.wilderssecurity.com/threads/win32-packed-themida.184840/ . It starts with this comment:

Quote

I'm a developer in Oreans Technologies and we have developed Themida to protect applications against cracking. We are receiving many complain from our clients saying that NOD32 reports their applications as potential thread (Win32/Packed.Themida)

Yesterday, we contacted ESET about this issue and today we just got an email saying the following:

and ends with this comment from Eset:

Quote

Important information for developers of the legitimate applications who intend to use Themida or similar protectors:
http://www.avertlabs.com/research/blog/index.php/2009/05/28/who-digs-the-elephant-trap/
quote "If you feel that you really must use an obfuscating protector at least digitally sign your files."

The anti-malware companies expect the developers which use the abused protectors to properly identify their files. The properly filled VERSION INFO and a valid DIGITAL SIGNATURE are required.

It's your choice to use or not use this app. If you want to use it and accept the risk of doing so, create an Eset real-time exclusion for the Eset detection for the app.
 
Link to comment
Share on other sites

  • Administrators

In this case the detection is not due to Themida packer per se. The above complaint from Oreans was addressed years ago and applications protected with Themida are not detected as malware.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...