Jump to content

Recommended Posts

Posted

Howdy folks,

I am really excited to try out Curiosity.ai.  Unfortunately, Eset is throwing 100's of threats.  I contacted the support team at Curiosity.ai, and they advised whitelisting the app in the antivirus program.  Further, they say all of these are false-positives coming from the 'curiosity.helper' which is "the file extractor (extracts text from pdfs, ppts, docs etc for indexing).
it talks to the server (back end) using a locally run web server.  that's the action that's being blocked."

Here is a snapshot of one of the blocked threats:
image.png.01fba0bbac7206fe85385e28c699c9d2.png

Here are all the other flags found in the log (all coming from curiosity.helper):
--------------------------------------------------------------
JS/TrojanDownloader.FraudLoad.NAG trojan
HTML/Refresh.AH trojan
JS/TrojanDownloader.Agent.NVD trojan
JS/Kryptik.M.Gen trojan
HTML/Refresh.AB trojan
HTML/Refresh.AUD trojan
JS/TrojanDownloader.FraudLoad.NAG trojan
---------------------------------------------------------------

Questions:

1.  How can we verify these are false-positives?

2.  If we can't verify these are false-positives, how else might we enable use of this app without whitelisting the whole thing?  
(It's not as simple as writing some firewall rules - as the app is designed to connect to several online services like gmail, gdrive, etc.).

3.  Does ESET provide 3rd party security audit services that Curiosity.ai might employ to validate the integrity of their product?

 

Thanks!

  • Administrators
Posted

It depends where you downloaded the app from. It is unlikely that there would be so many false positives reported on an application. You can submit the file to ESET for a check as per the instructions at https://support.eset.com/en/kb141.

Posted

Thanks Marcos,

That kb article is dated.  There is no "Submit sample for analysis" option in Tools.  There isn't even a "more tools" option.
This article also needs correction: 

 

I suppose I will send an email.  Seems odd you guys would rather an email than a more automated solution.

Regardless, I would appreciate you addressing my 3 questions individually.

Thanks

  • Administrators
Posted

As I wrote, you should submit the sample to ESET first. Without it, it's impossible to tell if the detection is correct or not. However, it's unlikely that so many detections reported on application files would be false positives.

Posted
1 hour ago, ecovalence said:

There is no "Submit sample for analysis" option in Tools.

Eset_Submit.thumb.png.2ff031fc60cee52613c11841441ddf5a.png

  • Administrators
Posted

I would add that the option is not available if sample submission is disabled in the advanced setup.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...