Curiosity.ai - false positives?


Howdy folks,

I am really excited to try out Curiosity.ai. Unfortunately, ESET is throwing 100s of threats. I contacted the support team at Curiosity.ai, and they advised whitelisting the app in the antivirus program. Further, they say all of these are false positives coming from the 'curiosity.helper', which is "the file extractor (extracts text from pdfs, ppts, docs etc for indexing).
it talks to the server (back end) using a locally run web server.  that's the action that's being blocked."

Here is a snapshot of one of the blocked threats:
[Attached screenshot: image.png]

Here are all the other flags found in the log (all coming from curiosity.helper):
--------------------------------------------------------------
JS/TrojanDownloader.FraudLoad.NAG trojan
HTML/Refresh.AH trojan
JS/TrojanDownloader.Agent.NVD trojan
JS/Kryptik.M.Gen trojan
HTML/Refresh.AB trojan
HTML/Refresh.AUD trojan
JS/TrojanDownloader.FraudLoad.NAG trojan
---------------------------------------------------------------

Questions:

1.  How can we verify these are false-positives?

2.  If we can't verify these are false-positives, how else might we enable use of this app without whitelisting the whole thing?  
(It's not as simple as writing some firewall rules - as the app is designed to connect to several online services like gmail, gdrive, etc.).

3.  Does ESET provide 3rd party security audit services that Curiosity.ai might employ to validate the integrity of their product?

 

Thanks!

Thanks Marcos,

That KB article is dated. There is no "Submit sample for analysis" option in Tools. There isn't even a "more tools" option.
This article also needs correction: 

 

I suppose I will send an email.  Seems odd you guys would rather an email than a more automated solution.

Regardless, I would appreciate you addressing my 3 questions individually.

Thanks

  • Administrators

As I wrote, you should submit the sample to ESET first. Without it, it's impossible to tell if the detection is correct or not. However, it's unlikely that so many detections reported on application files would be false positives.

  • Administrators

I would add that the option is not available if sample submission is disabled in the advanced setup.
