NOD32 flagging Hotspotshield software as a threat

Hi

I've tried to download hotspotshield (which provides you with a spoof IP address so you can surf anonymously) but NOD32 flags this as a threat. I have already submitted this .exe file to ESET for analysis but still no action is taken. Hotspotshield's website clearly states "NO ADWARE/SPYWARE" so i suspect this is a false positive, just like Ultrasurf software used to be but ESET doesn't flag this anymore. Would appreciate if ESET staff could look into this.

Cheers

http://img442.imageshack.us/img442/237/capturesvw.jpg

 

i have download "HSS-1.37-install-anchorfree-76-conduit.exe"
i haven't alert with version 4895...


heu after scan :

C:\Users\Inster\Desktop\HSS-1.37-install-anchorfree-76-conduit.exe » NSIS » openvpnas.exe - Win32/Adware.AnchorFree application

 

Well everybody can add a 'adware free' picture on their site so that doesn't tell you much, the site/products seems legit tho.

The file openvpnas.exe is dectected within the installer as 'Win32/Adware.AnchorFree application' which is the author of Hotspot shield. Detection of this threat seems to be added not so long ago.
If its a real threat or not I cant say but ESET makes it seem to me that they added this detection for a reason. Should await a mod which can probably tell you more as why this product is being flagged.

 

Hi there,

You can actually submit it to us as a false positive. Follow the kb article below
for instructions.

http://kb.eset.com/esetkb/index?page=content&id=SOLN141

 

"9.1 Advertisements. AnchorFree may deliver third-party advertisements (“Advertisements”) within the content of any web page accessed. Advertisements may be injected into the top of the page, inserted directly into the page content, or even displayed to overlay the page. You hereby acknowledge and consent that AnchorFree may alter the content of any web page accessed for the purpose of displaying Advertisements. Additionally from time to time, AnchorFree may prevent any user’s access to the product or continued use thereof until such user has successfully participated in applicable advertising programs, surveys, or other activities that collect and monetize users’ personal information. AnchorFree does not endorse any information, materials, products, or services contained in or accessible through Advertisements. Accordingly, your correspondence or business dealings with, or participation in promotions of, advertisers found on or through the Service are solely between You and such advertiser. Access and use of ADVERTISEMENTS, including the information, materials, products, and services on or available through ADVERTISEMENTS Sites is solely at your own risk." fragment from EULA

 

Im having the same problem and its pretty annoying.

Is there anyway to tell NOD to ignore it?

Thats no explanation for blocking it. It just means that they will display ads when you use the VPN connection, how else are they supposed to pay for the traffic?

 

Detection of potentially unwanted, unsafe applications as well as adware is optional. These applications are not flagged as threats whatsoever. It's up to the user whether he/she wants to have them detected or not.

 

Yes, but i just want to tell nod to ignore this particular program, not ignore all adware (disabling "potentially" unwanted applications does not help).

UPDATE: Disabling ThreatSense "Adware/Spyware/Riskware" also doesnt help. Is it some other setting i should be changing?

 

In advance setup, under exclusions you can simple add that file so that nod32 does not flag it.

 

How come Hotspot Sheild 1.37 is detected as adware but not 1.34? It detects Win32/Adware.AnchorFree in 1.37. After all, it is an ad-supported freeware. I use adblock plus and no script and there is no problem. Just a blank box at the top. Better to use 1.34?!

And is hotspot shield safe to use?! Thank you!

UPDATE: You can download from here: PC World: http://www.pcworld.com/downloads/file/fid,71209-page,1/description.html

And do reply. IS HOTSPOT SHIELD SAFE TO USE?! Thank you!

 

If the older version is not detected, please refer to this KB article and submit it to ESET for perusal. Unfortunately, I was unable to find a download link to the older version, just to the current one that is detected.

 

Well, there are several applications that I'm always unable to download on the machines that run ESET NOD32 v.4 at home. Among those that the connection is severed when the download process finished are: Mozilla Firefox, Mozilla Thunderbird, Nero Burning Rom, Comodo Internet Security, Open Office, etc. to mention a few.

Everytime I need to download a new version of the aforementioned applications I have to do it on a PC not running NOD32. I know some of those applications now include toolbars during the install process but I believe it's up to the user to decide if he/she wants the toolbar installed along with the application he/she wants to install.

That's one of the things I would like to see addressed in a next version of NOD32.

Regards,

Carlos

 

I also have the latest Hotspot shield flags by ESS

I hope Eset will resolve this issue quickly

Thanks,
Atomas31

 

Everything has been said and explanation provided. You have 2 options:
1, disable detection of adware
2, exclude the file from scanning

 

I hope you are kidding

On virus total, ONLY NOD32 found something wrong ( Win32/Adware.AnchorFree), no anti-spyware (Malwarebytes, superantispyware, etc) wich I use detect anything wrong with this installation file...

It is clearly a False positive from ESS that should be rectifie ASAP!!!


Thanks,
Atomas31

 

The fact that a file is detected by > 40 security applications doesn't make it malicious. Likewise, a file that is not detected by any security application is not necessarily clean.

It's clearly stated in the application's EULA what the adware does. Since it's actually not a false positive, we'll end discussion on this topic and draw this thread to a close.