Jump to content

Archived

This topic is now archived and is closed to further replies.

Arakasi

Sample Submission for Analysis

Recommended Posts

Quick question for anyone that may know up front. :unsure:

Is there a log for past files submitted ?

I would not want to submit a file i have already submitted previously.

 

Eset Nod32 & SS - Tools > Submit sample for Analysis

 

Thank you.

Share this post


Link to post
Share on other sites

Thank you stackz. :)

 

Its not really a false positive, or web url, or virus.

It kind of falls into a different category, so the traditional zip up and email, was kind of at the back of my mind.

Looking more for some insight on a particular service this program uses and why Eset is labeling it as Risky.

 

Kudos for your reply and thoughtfulness anyway !

 

Edit: I think i submitted it once already, was hoping to double check. lol

Share this post


Link to post
Share on other sites

Hello,

 

If you look in Advanced Setup under Tools|ESET Live Grid|Participate in ESET Live Grid|Advanced Setup|Contacct Email there is an option below it labeled Enable logging.  If this option is turned on, submissions to ESET should be logged

 

Alternately, if you want to send a private message to the moderators with your username ("EAV-########") and an approximate date a sample might have been submitted, along with any other relevant info (filename, URL, etc.) it might be possible to locate the information.

 

Regards,

 

Aryeh Goretsky

 

Share this post


Link to post
Share on other sites

our file is submitted at samples@eset.com so many times for false positive and requried removal from your database but no one help me.

i have created two post and you are removing these posts. pls help us.

 

here is virustotal report : https://www.virustotal.com/en/file/4f89f5a827138f00c4e94b383c071064b4b2b81a790f60c80aae900bc906f229/analysis/1379506360/

 

we need removal because we want to test our product with vb100. this file is antivirus setup file. pls help us.

Share this post


Link to post
Share on other sites

Marcos or any mod.

We have a link again in previous post.

Please assist team.

Thanks

Share this post


Link to post
Share on other sites

we have try everything but no result.

 

we are in touch at samples@eset.com from last 4 to 6 month but not getting any reply.

 

we have posted 2 post for this and both are removed.

 

we are Antivirus company and we want to send our product at vb100 for testing and vb100 told us that we have to remove this from Eset database.

 

pls try to understand solve it and remove from your database.

Share this post


Link to post
Share on other sites

 and vb100 told us that we have to remove this from Eset database.

 

pls try to understand solve it and remove from your database.

I really doubt this part, VB can chose if they want to include your software in their testing or not, that has nothing to do if another vendor e.g ESET detects PUA's in your software.

Share this post


Link to post
Share on other sites

I am very sorry mayaonline, traditional approach to investigating the false positive is the only method that will work in your situation.

These public forums are for the assistance of public and private users of ESET security system software.

While sometimes assistance out of scope is provided, customer facing service is better handled by phone or by email.

I think were just a bunch of techs in here doing what we can to help with system related issues and or questions about ESET products.

Good luck sir !!

Share this post


Link to post
Share on other sites

we already sent so many email at samples@eset.com but no reply.

if they reply then we dont use the forum.

tell us any other way for removal ? other AV company like symantec give reply within 24 hour and Eset is never reply and this is reason for using forum.

we have also contact AV-Test and Vb100 for testing our product but they need removal from eSet from virustotal.com

pls understand and give us the solution.

Share this post


Link to post
Share on other sites

we already sent so many email at samples@eset.com but no reply.

if they reply then we dont use the forum.

tell us any other way for removal ? other AV company like symantec give reply within 24 hour and Eset is never reply and this is reason for using forum.

we have also contact AV-Test and Vb100 for testing our product but they need removal from eSet from virustotal.com

pls understand and give us the solution.

The solution is very simple as I see it, take out the PUA from your software that ESET is detecting.

 

And when you have done that, re-submit the file to ESET for reclassification and they will probably remove the detection if everything is as it should be, if not then the detection will stay in place.

Share this post


Link to post
Share on other sites

 

The solution is very simple as I see it, take out the PUA from your software that ESET is detecting.

 

And when you have done that, re-submit the file to ESET for reclassification and they will probably remove the detection if everything is as it should be, if not then the detection will stay in place.

 

 

This ^^ :rolleyes:

Share this post


Link to post
Share on other sites

@mayaonline

 

Virus Total on your exe :

 

Comments This installation was built with Inno Setup.
Signature verification A certificate chain could not be built to a trusted root authority.
 
So it is my belief that if you want to fix your issue. read the following article :
 
and instead use one of the following  CA's:
 
 
side note: Why are you using Inno Setup to build your package ? Let Visual Studio create your installation ??? This is weird to me . . .

Share this post


Link to post
Share on other sites

dear sir,

your wrote :

                      Comments This installation was built with Inno Setup.
                      Signature verification A certificate chain could not be built to a trusted root authority.
 
Our Reply :
                      (1) Why not we used Inno Setup ? we dont want to use other setup.
                      (2) we are using Digicert certification for signing of our .exe and website of Digitcert is : hxxp://www.digicert.com "A certificate chain could not be built to a trusted root authority" ?
 
Pls help and solve, i think this is not issue to list our product as a PUA. if it is reaaly a PUA then why not other vendor list it ?

Share this post


Link to post
Share on other sites

 

 

The solution is very simple as I see it, take out the PUA from your software that ESET is detecting.

 

And when you have done that, re-submit the file to ESET for reclassification and they will probably remove the detection if everything is as it should be, if not then the detection will stay in place.

 

 

This ^^ :rolleyes:

 

Did you agree with it, or did you think my suggestion was wrong? Sorry for asking  :unsure:

Share this post


Link to post
Share on other sites

we are disagree, because in previous PUA due to inno setup and CA certificate but we are not agree for this.

Pls help and solve, i think this is not issue to list our product as a PUA. if it is reaaly a PUA then why not other vendor list it ?

 

this is purely ESET issue and nothing else.

Share this post


Link to post
Share on other sites

you can tell us any practical thing which we can do. we are ready to do anything which is real required to change.

Share this post


Link to post
Share on other sites

Pls help and solve, i think this is not issue to list our product as a PUA. if it is reaaly a PUA then why not other vendor list it ?

 

Only the other vendors can answer the question why they don't or do detect it. 

Though that's like asking why doesn't all vendors detect this malware sample, the best answer to that is, because not all vendors get the sample at the same time.

 

But I guess you could always submit your program to some other vendors and ask them if they would count anything in your software as a PUA and/or PUP. With the risk of getting more detections on VT afterwards if they add detection for it.

Share this post


Link to post
Share on other sites

ok. then why not you tell us how to remove PUA from eset. eSet told this is PUA and we tell you that it is not PUA.

you can install it and check or tell us other solution.

we are not ready to change inno setup and digicert digital sign vendor. you told us only two issue which is not valid.

 

if you want digicert details then tell us we are ready to provide you.

Share this post


Link to post
Share on other sites

Just to make sure there is zero confusion.

I dont work for Eset. My responses are subjected to beingy faulty.

Im simply speculating on your troubles.

I agreed with you Swex.

Share this post


Link to post
Share on other sites

I agreed with you Swex.

Right, I just wanted to make sure since the smiley you used sometimes means that one were sarcastic.  :)

 

In any case I actually miss thumbup and thumbdown icons. 

Share this post


Link to post
Share on other sites

You mean like this Swex ?

 

LOL , just save my image and upload it until we get a larger repertoire of emoticons :)

post-1101-0-66916700-1379812840.gif

Share this post


Link to post
Share on other sites

Ah what the heck, I just wright "I agree" or "I disagree" until we get some thumbs in here.  :D

Share this post


Link to post
Share on other sites

hi,

we have changed digital sign and it is now show certified but ESET is detecting it :

 

here is the report :

https://www.virustotal.com/en/file/6c0a016a66787396ac6c7479adb103503a179cce37e7026f3eedc8e454caa61d/analysis/1379882162/

 

now tell me what is the next Step ?

ESET detection by name shows that they deliberately detected because our application is also a Antivirus product.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...