ecovalence 0 Posted March 26 Share Posted March 26 Howdy folks, I am really excited to try out Curiosity.ai. Unfortunately, Eset is throwing 100's of threats. I contacted the support team at Curiosity.ai, and they advised whitelisting the app in the antivirus program. Further, they say all of these are false-positives coming from the 'curiosity.helper' which is "the file extractor (extracts text from pdfs, ppts, docs etc for indexing). it talks to the server (back end) using a locally run web server. that's the action that's being blocked." Here is a snapshot of one of the blocked threats: Here are all the other flags found in the log (all coming from curiosity.helper): -------------------------------------------------------------- JS/TrojanDownloader.FraudLoad.NAG trojan HTML/Refresh.AH trojan JS/TrojanDownloader.Agent.NVD trojan JS/Kryptik.M.Gen trojan HTML/Refresh.AB trojan HTML/Refresh.AUD trojan JS/TrojanDownloader.FraudLoad.NAG trojan --------------------------------------------------------------- Questions: 1. How can we verify these are false-positives? 2. If we can't verify these are false-positives, how else might we enable use of this app without whitelisting the whole thing? (It's not as simple as writing some firewall rules - as the app is designed to connect to several online services like gmail, gdrive, etc.). 3. Does ESET provide 3rd party security audit services that Curiosity.ai might employ to validate the integrity of their product? Thanks! Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted March 26 Administrators Share Posted March 26 It depends where you downloaded the app from. It is unlikely that there would be so many false positives reported on an application. You can submit the file to ESET for a check as per the instructions at https://support.eset.com/en/kb141. Quote Link to comment Share on other sites More sharing options...
ecovalence 0 Posted March 27 Author Share Posted March 27 Thanks Marcos, That kb article is dated. There is no "Submit sample for analysis" option in Tools. There isn't even a "more tools" option. This article also needs correction: I suppose I will send an email. Seems odd you guys would rather an email than a more automated solution. Regardless, I would appreciate you addressing my 3 questions individually. Thanks Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted March 27 Administrators Share Posted March 27 As I wrote, you should submit the sample to ESET first. Without it, it's impossible to tell if the detection is correct or not. However, it's unlikely that so many detections reported on application files would be false positives. Quote Link to comment Share on other sites More sharing options...
itman 1,659 Posted March 27 Share Posted March 27 1 hour ago, ecovalence said: There is no "Submit sample for analysis" option in Tools. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted March 27 Administrators Share Posted March 27 I would add that the option is not available if sample submission is disabled in the advanced setup. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.