Dakmp 0 Posted February 13 Share Posted February 13 (edited) want to know if it is a virus or not. For me works to do the job. VAG-K+CAN Commander.zip Edited February 13 by Dakmp Quote Link to post Share on other sites
Dakmp 0 Posted February 13 Author Share Posted February 13 New file VAG-K_CAN_Commander_1[X].4.zip Quote Link to post Share on other sites
itman 948 Posted February 13 Share Posted February 13 (edited) If you have doubts about Eset's detection, submit the downloaded .zip file here: https://www.virustotal.com/gui/ Multiple AV solutions will scan it and render their verdicts. Edited February 13 by itman Quote Link to post Share on other sites
Administrators Marcos 3,622 Posted February 13 Administrators Share Posted February 13 The detection is correct. 47/71 detections: https://www.virustotal.com/gui/file/ea69c09b51fda25107d9926d7d033f4e25f5374ec0dd2b1bc4a9867a7b19b932/detection Quote Link to post Share on other sites
Dakmp 0 Posted February 14 Author Share Posted February 14 The results Eset show are very different on VirusTotal and when it's installed on my pc. The version of Eset Internet Security on VirusTotal looks unrelated or unofficial. Quote Link to post Share on other sites
Dakmp 0 Posted February 14 Author Share Posted February 14 (edited) Apparently Themida is a anti-cheating protector, not a virus. Can you shed some light on the matter? https://www.wilderssecurity.com/threads/win32-packed-themida.184840/ I don't want Eset taking control of my computer just because. Edited February 14 by Dakmp Quote Link to post Share on other sites
itman 948 Posted February 14 Share Posted February 14 Here's a thread from 2007 on the Themida issue: https://www.wilderssecurity.com/threads/win32-packed-themida.184840/ . It starts with this comment: Quote I'm a developer in Oreans Technologies and we have developed Themida to protect applications against cracking. We are receiving many complain from our clients saying that NOD32 reports their applications as potential thread (Win32/Packed.Themida) Yesterday, we contacted ESET about this issue and today we just got an email saying the following: and ends with this comment from Eset: Quote Important information for developers of the legitimate applications who intend to use Themida or similar protectors:http://www.avertlabs.com/research/blog/index.php/2009/05/28/who-digs-the-elephant-trap/ quote "If you feel that you really must use an obfuscating protector at least digitally sign your files." The anti-malware companies expect the developers which use the abused protectors to properly identify their files. The properly filled VERSION INFO and a valid DIGITAL SIGNATURE are required. It's your choice to use or not use this app. If you want to use it and accept the risk of doing so, create an Eset real-time exclusion for the Eset detection for the app. Quote Link to post Share on other sites
Administrators Marcos 3,622 Posted February 14 Administrators Share Posted February 14 In this case the detection is not due to Themida packer per se. The above complaint from Oreans was addressed years ago and applications protected with Themida are not detected as malware. Quote Link to post Share on other sites
Dakmp 0 Posted February 21 Author Share Posted February 21 So it's because is not digitally signed when Themida is in place? Quote Link to post Share on other sites
Administrators Marcos 3,622 Posted February 21 Administrators Share Posted February 21 It's protected by Themida using a leaked license. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.