I've been using a voice client named GSC for quite some time and I know this is a trusted application. Since I updated the virus database to version 3456 NOD32 tells me the file is a possible virus, but it's not. The same goes for update files of the same program.

I figured I'd bring this to your attention :) I'm not sure if you need more details, if so I'll be happy to provide them.

The best would be if you could send ESET copies of all detected files , to samples@eset.com . Do mention in the Subject line of the email that you send them false positive detections .

They will analyse the files and hopefully will correct the mistake :thumb:

Last time I tried that NOD32 prevented me from emailing the samples. It's just a similar thing as the case with other .exe files returning false positives a while ago.

I'll send in the client for analysis with NOD32 itself...

EDIT: Just like I said, I can't send this file to ESET for analysis. NOD32 just tells me it can't send the file for analysis. And it's too huge to email, about 8 MB. My provider doesn't allow me to send files with that size.

Try zipping the files and then email them.

Upload on http://4storing.com/ (when you open the page , click on the Great Britain flag to open the page in English) and then send ESET a link to that file.

Okay, just did that. Thanks for the help :)

Hello,

I downloaded copies of GameServers' GSC Client Application v.1.00.2068 and v.2.00.3000 Beta and did not receive any reports of malware with virus signature database 3466. Can you tell me what was detected with your copy of ESET NOD32 Antivirus and whether or not it is still being reported?

Regards,

Aryeh Goretsky

I don't really recall right now, but as soon as I get the window again I'll leave info here.

I do recall though I got a NOD32 alert yesterday that said GSC was a virus, but I know that's not the case. It happened when I was using GSC while I was playing an online game. I use GSC to talk to people online while I play, maybe that triggered it. Funny thing is NOD32 doesn't show any alerts when I run GSC, no, it happens during online play.

Sorry for not replying to this earlier btw.

Hello,

Can you tell me the complete and exact threat message as reported from your log file?

Regards,

Aryeh Goretsky

Yes, I can. I can also tell you the circumstances how it happened.

Just now I was running GSC and the game America's Army. I noticed NOD32 updated its virus database and shortly after the update I got a screen showing the following alert:

Possible unknown Newheur_PE virus

That's the exact same message I got some days ago.

I hope this info was helpful enough to you.

I was wondering if there's any updates on this issue?

I've downloaded the GSC client from http://getgsc.com/gsc/downloads and installed it fine. EAV didn't flag any of the files.

metalalbert,

this issue exists because NOD32 refuses to resolve an issue previously posted about this. please see http://www.wilderssecurity.com/showthread.php?t=222259 for all the details

Hello,

We did some testing earlier and confirmed the issue has been resolved, MetalAlbert.

See this (http://www.wilderssecurity.com/showpost.php?p=1330448&postcount=13) message thread for details of the test methodology and results.

Regards,

Aryeh Goretsky

agoretsky

does this mean that NOD32 is no longer flagging usage of madcodehook as a virus? for more details see http://www.wilderssecurity.com/showthread.php?t=222259

Hello,

To summarize the message at http://www.wilderssecurity.com/showpost.php?p=1330448&postcount=13, ESET Smart Security v3.0.672.0 with virus signature database update 3510 did not detect any malware when downloading, installing or running GameServers.Com GSC client v2.00 build 3003.

I cannot say what will or will not be reported on the GSC client with a subsequent version of the virus signature database because the author could make changes to the software which cause a false positive alarm in the future, bundle adware or other potentially unwanted software with their application, and so forth.

Regards,

Aryeh Goretsky

agoretsky,

while i do appreciate you restating what is stated in the reference you gave that still does not answer the question "does this mean that NOD32 is no longer flagging usage of madcodehook as a virus?"

bumping thread since no response.

Thanks for looking into this.

However, I'm still using the Dutch version of NOD32 Antivirus, version number 3.0.650.0. And I'm not using GSC 2.0, I'm using GSC 1.00 Build 2069. I think I didn't mention that before, sorry about that. At the time I posted my question I believe 2.00 wasn't out yet, so I assumed you guys knew it was 1.00.

Hopefully the problems are solved now. I'll keep you informed.

{QUOTE-> bumping thread since no response. <-QUOTE}

Otherwise known as spam. Please, stop behaving like 5 yrs old child. :thumbd:

Hello,

All I can tell you are the results of the test ESET, LLC performed.

Please keep in mind that there are a variety of program files such as keyloggers, password crackers, remote control applications and so forth which might be acceptable for a help desk or IT department to use for assisting their users or securing their computers which all have legitimate uses, but when a specific version gets installed by a Trojan downloader or deployed via some other means by malware, it is no longer being used beneficially but as a tool to further the ends of the malware author (bank theft, fraud, blackmail, additional criminal hacking activities and so forth). In these cases, detection of the software is added, usually with a classification of Potentially Unsafe Software or Potentially Unwanted Software.

While this may be an inconvenience for people who are using that particular application for legitimate business reasons, the reason for detecting it is because the application has been identified as being used maliciously in the wild.

ESET's customers purchase their software to protect themselves from a wide spectrum of threats and, as such ESET is obliged to protect them not just things like viruses and worms, but other programs found to have been used for malicious purposes.

Regards,

Aryeh Goretsky


{QUOTE-> agoretsky,

while i do appreciate you restating what is stated in the reference you gave that still does not answer the question "does this mean that NOD32 is no longer flagging usage of madcodehook as a virus?" <-QUOTE}

{QUOTE-> All I can tell you are the results of the test ESET, LLC performed. <-QUOTE}

so then can we get a response from someone who would be able to tell us if this issue was resolved?

over 30 days since metalalbert reported the bug and over 9 days since i reported the bug and still no word on a resolution from NOD32.

Hello,

I am sure that as soon as MetalAlbert is able to confirm the issue has been resolved he will let us know, Musikit.

Please keep in mind that not everyone who reports an issue with a product in a web forum returns to let people know if or how the issue has been resolved.

Regards,

Aryeh Goretsky

I'm currently doing some testing on my computer. At this point I can confirm:

1. A scan by NOD32 of both the full GSC dir and the GSC client itself came up clean. I scanned the files with the virus definitions database 3534.

I am now waiting to see what happens when NOD32 updates the virus defintions database. If NOD32 does not return a false positive after this the problem should be solved for me.

It seems the problems are solved for me. I'll confirm this permanently once I've found things are still okay after a few updates.

{QUOTE-> Hello,

I am sure that as soon as MetalAlbert is able to confirm the issue has been resolved he will let us know, Musikit.

Please keep in mind that not everyone who reports an issue with a product in a web forum returns to let people know if or how the issue has been resolved.

Regards,

Aryeh Goretsky <-QUOTE}

agoretsky,

the issue im refering to that still has not been resolved is "does this mean that NOD32 is no longer flagging usage of madcodehook as a virus?"

will continue the post until i hear from ESET that this issue has been solved.

Well, the problems are definitely solved for me. Thanks ESET.

Sorry to hear you're still having problems musikit :(

agoretsky or any other admin care to answer?

bump because another day where NOD32 has not answered my question has passed.

bumping thread again because a moderator has not replied.

{QUOTE-> bumping thread again because a moderator has not replied. <-QUOTE}


Very mature of you ! Congratulations , this way is the only way you will receive an answer , right ?

{QUOTE-> Very mature of you ! Congratulations , this way is the only way you will receive an answer , right ? <-QUOTE}

thank you for helping me keep this thread on top!

bumping again as it seems ESET refuses to fix their broken software.

bumping again as it seems ESET refuses to fix their broken software.

copy/paste from private message.

{QUOTE-> ~~ snip ~~ Posting of private communications without the approval of both parties is not allowed. Please refer to the Forums TOS regarding the rules here. <-QUOTE}

i'm sorry i dont believe it is being looked into. if you believe it is being looked into i cant change that however no admin has posted in thread that the issue does exist and it is being reviewed. so until then i can only continue to bump the thread to keep it active as your software is a piece of garbage this is a major flaw in it that the presence of madcodehook and openssl in the application continues to get it flagged as a virus. i have sent you numerous binaries over the last 2 years hoping you would stop flagging it and as of late 2 binaries when requested. and your team continues to flag good software as bad software. until you and your team can honesty reply to the thread stating the issue is being looked in to and can continue to keep people updated on this issue i will continue to keep people updated on your irresponsibility

closing in on over 40 days since metalalbert posted this issue and over 2 weeks since i originally posted this issue and eset still chooses the irresponsible path of not admitting their software contains a bug and giving details of when the bug will be resolved.

As metalalbert's problem has been solved and musikit has created a new thread specific to his issue, which includes a demo download, let's close this thread and continue in musikit's new one here:

http://www.wilderssecurity.com/showthread.php?t=223391