Salenai 0 Posted August 3, 2021 Share Posted August 3, 2021 Hello, I use Avast, roguekiller, malwarebytes, and mbar for virus detection, none of other programs detected anything, but Eset Online Scanner did. Note that I use EOS because I find it superior to classic Eset program (had better experience with detecting things). Anyways, I scanned my computer yesterday and it detected nothing. Today I messed with magix vegas, it had problems playing certain videos, so I tried installing K-Lite codec pack from codecguide.com ,installed the standard version. I also installed Handbrake for video conversion. I uninstalled both. I downloaded .net framework (dotnet SDK) from official website and Divx from official website, but both installers I only launched, not installed anything. So, if Eset detects anything, it must be from either of those programs, my suspicion is K-Lite codec pack and that detection is only false positive. From the looks of it, the first PUP is .net framework thingy, other two maybe K-Lite codec pack IMO. I tend to visit only safe websites and download stuff also from safe and official websites (and not other sources). Is this false positive please? I am attaching report from EOS for analysis. Thank you. Have a nice day. eset report 3 august 2021.txt Link to comment Share on other sites More sharing options...
Administrators Marcos 5,169 Posted August 3, 2021 Administrators Share Posted August 3, 2021 Basically potentially unwanted applications are never false positivies since they exactly detect applications that had been carefully already analyzed by ESET and it turned out they met criteria for PUA detection. notimportant 1 Link to comment Share on other sites More sharing options...
Salenai 0 Posted August 3, 2021 Author Share Posted August 3, 2021 (edited) 10 minutes ago, Marcos said: Basically potentially unwanted applications are never false positivies since they exactly detect applications that had been carefully already analyzed by ESET and it turned out they met criteria for PUA detection. And are they harmful? At least ones from my report? I downloaded Divx from: https://www.divx.com/ K-Lite Codec Pack from: https://codecguide.com/download_kl.htm Handbrake from: https://handbrake.fr/ And .net SDK from: https://dotnet.microsoft.com/download/dotnet/5.0 These should be official sources. This is what was detected: DotSetupSDK[1].dll a variant of MSIL/DotSetupIo.B potentially unwanted application cleaned by deleting dxa7C56.tmp a variant of Win32/DivX.C potentially unwanted application cleaned by deleting dxa7D33.tmp a variant of MSIL/DotSetupIo.B potentially unwanted application cleaned by deleting Edited August 3, 2021 by Salenai Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted August 3, 2021 Most Valued Members Share Posted August 3, 2021 (edited) 53 minutes ago, Salenai said: And are they harmful? At least ones from my report? I downloaded Divx from: https://www.divx.com/ K-Lite Codec Pack from: https://codecguide.com/download_kl.htm Handbrake from: https://handbrake.fr/ And .net SDK from: https://dotnet.microsoft.com/download/dotnet/5.0 These should be official sources. This is what was detected: DotSetupSDK[1].dll a variant of MSIL/DotSetupIo.B potentially unwanted application cleaned by deleting dxa7C56.tmp a variant of Win32/DivX.C potentially unwanted application cleaned by deleting dxa7D33.tmp a variant of MSIL/DotSetupIo.B potentially unwanted application cleaned by deleting A potentially unwanted application (PUA) is a program that contains adware, installs toolbars, or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks. https://support.eset.com/en/kb2629-what-is-a-potentially-unwanted-application-or-potentially-unwanted-content You can switch DivX with VLC Media Player , you would get rid of those detections , VLC is safe and without adwares/toolbars. Edited August 3, 2021 by Nightowl Link to comment Share on other sites More sharing options...
Salenai 0 Posted August 3, 2021 Author Share Posted August 3, 2021 9 minutes ago, Nightowl said: A potentially unwanted application (PUA) is a program that contains adware, installs toolbars, or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks. https://support.eset.com/en/kb2629-what-is-a-potentially-unwanted-application-or-potentially-unwanted-content You can switch DivX with VLC Media Player , you would get rid of those detections , VLC is safe and without adwares/toolbars. So, if any of those programs installed anything, even a thing such as a toolbar, when Eset removed them, does that mean that they have literally been uninstalled/removed? Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted August 3, 2021 Most Valued Members Share Posted August 3, 2021 17 minutes ago, Salenai said: So, if any of those programs installed anything, even a thing such as a toolbar, when Eset removed them, does that mean that they have literally been uninstalled/removed? ESET can possible quarantine/remove the whole file and also can possibly try to clean it , but mostly when files get cleaned , they will eventually break somehow if I am not mistaken , anyway I don't like to install software on my devices that request to install other things like toolbars or another free softwares etc.. Link to comment Share on other sites More sharing options...
itman 1,721 Posted August 3, 2021 Share Posted August 3, 2021 (edited) Eset's definition of a PUA: Quote Grayware or Potentially Unwanted Application (PUA) is a broad category of software, whose intent is not as unequivocally malicious as with other types of malware, such as viruses or trojan horses. It may however install additional unwanted software, change the behavior of the digital device, or perform activities not approved or expected by the user. Categories that may be considered grayware include: advertising display software, download wrappers, various browser toolbars, software with misleading behavior, bundleware, trackware, crypto-miners, registry cleaners (Windows operating systems only) or any other borderline software, or software that uses illicit or at least unethical business practices (despite appearing legitimate) and might be deemed undesirable by an end user who became aware of what the software would do if allowed to install. https://help.eset.com/glossary/en-US/unwanted_application.html Edited August 3, 2021 by itman Link to comment Share on other sites More sharing options...
itman 1,721 Posted August 3, 2021 Share Posted August 3, 2021 1 hour ago, Salenai said: So, if any of those programs installed anything, even a thing such as a toolbar, when Eset removed them, does that mean that they have literally been uninstalled/removed? My experience using Eset is its PUA detection is for the app download. If one proceeds to exclude Eset's PUA detection and run the app installer, etc. unimpeded, don't expect Eset to block installation of the undesirable PUA elements. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 394 Posted August 3, 2021 Most Valued Members Share Posted August 3, 2021 6 hours ago, Salenai said: Hello, I use Avast, roguekiller, malwarebytes, and mbar for virus detection, none of other programs detected anything, but Eset Online Scanner did. Note that I use EOS because I find it superior to classic Eset program (had better experience with detecting things). Anyways, I scanned my computer yesterday and it detected nothing. Today I messed with magix vegas, it had problems playing certain videos, so I tried installing K-Lite codec pack from codecguide.com ,installed the standard version. I also installed Handbrake for video conversion. I uninstalled both. I downloaded .net framework (dotnet SDK) from official website and Divx from official website, but both installers I only launched, not installed anything. So, if Eset detects anything, it must be from either of those programs, my suspicion is K-Lite codec pack and that detection is only false positive. From the looks of it, the first PUP is .net framework thingy, other two maybe K-Lite codec pack IMO. I tend to visit only safe websites and download stuff also from safe and official websites (and not other sources). Is this false positive please? I am attaching report from EOS for analysis. Thank you. Have a nice day. eset report 3 august 2021.txtUnavailable Just curious what your experience was with the desktop version of Eset as the online version uses the same databases but desktop has extra features so should be far better security wise Link to comment Share on other sites More sharing options...
Recommended Posts