Help! Can't stop Prompts to Submit Suspicious Files

I keep getting pupup prompts to submit Suspicious Files after a virus definition update. I am sick of this. If I can't shut it off, please add the option to shut it off in future releases. There is NOTHING in Quarantine. Can anyone help stop this? Thank You.

 

I think I found the solution.

Turn OFF ThreatSense.Net Early Warning System:
http://kb.eset.com/esetkb/index?page=content&id=SOLN531

Delete contents of Charon folder (necessary only if the files are no longer on your computer). NOD32 must be disabled first (and the cache file can't be deleted):
http://kb.eset.com/esetkb/index?pag...earch&viewlocale=en_US&searchid=1315671868135

 

I also would like to have the capability to remove selected and/or all files from the list of files to be submitted, this submit has been popping up forever and it's very irritating.

The workarounds MarcR found sounds incredibly tedious and trouble-risking for something that seems like it should be much more easily accomplished.

I can imagine that there might be reasons that this list shouldn't be easily removed so as to avoid malware doing the same thing, the user needs to be able to have a choice as to how to manage the submissions.

 

I believe you just have to turn off ThreatSense.Net Early Warning System in the settings. This is very easy to do after all: Advanced Setup, Tools, ThreatSense.net. Uncheck enable ThreatSense.

The other procedure regarding deleting files is almost never necessary, unless the files are no longer on your computer.

But I agree that you should have the option to remove specific files permanently from submission.

 

It's very simple - deselect the files you don't want to submit and then click Submit.

 

thats already possible long time ago.

 

Yes, I see that now. You can setup exclusions under ThreatSense, Advanced Setup, Exclusion Filter, Add.

 

Yes the repeated prompt is a pest for sure BUT surely the question is:

1) Why does ESET think they are suspicious?

 

It shouldn't since I have Potentially unsafe application scanning turned off.

I HAVE THIS TURNED OFF - the programs fall in this category:
Potentially unsafe applications
Potentially unsafe applications is the classification used for commercial, legitimate software. It includes programs such as remote access tools, password-cracking applications, and keyloggers (programs recording each keystroke typed by a user). This option is disabled by default.


Potentially unwanted applications
Potentially unwanted applications are not necessarily intended to be malicious, but they may affect the performance of your computer in a certain way. Such applications usually require consent for installation. If they are present on your computer, your system behaves differently (compared to the state before their installation).

 

No, exactly you said: you can select in the prompt list which files must be submitted and which not. Please dont confuse with the exclusion list in the advanced setup.

 

Heuristically detected files as suspicious are queued in the list.

 

Well these may be turned off BUT ESET is still tagging them via heuristics or signature. So I looked at them a bit closer in post 1.

The names of these files do look suspicious or potentially dangerous to me.

So now it is my feeling they are tagged correctly and the user ( you in this case) should be reminded they are there.

1) Have you submitted them? Is there a report from ESET to review?
2) Why /where are these files present? Purpose is ? sniffing?

Why not just delete them ?

 

There is no need to submit them. They are commercial freeware utilties for admins.

 

I see, why not store them on an off line media until needed. That way ESET won't find them.

Is it normal practice for administrators to use free utilities?

 

Yes, for small business admins. They're available from Nirsoft.net and sysinternals.com (now owned by Microsoft). They are commercial legitimate utilities including Network Tools, Password recovery tools, registry Utilities, Outlook Utilities, File and Disk Utilities, security tools, etc. used by network & system administrators.

Anyway, the solution is to turn off ThreatSense or configure it by excluding the file or folder you don't want to be prompted to submit for analysis. Annoyance solved.

 

If you are prompted to submit files you don't want to submit, simply untick them in the file submission approval list and click Submit so that you won't be prompted about the files again.

 

Files already present in the servers should not be listed in the dialog.
e.g. By querying the servers before the dialog appears.

 

I don't agree. If a file gets submitted a lot of times it's more likely to be a possible malware outbreak.

 

I agree. If a same threat gets submitted a lot of times it's more likely to be a possible malware outbreak, because many different files are submitted.

 

Hello,

System-level utilities which can be misused in the wrong hands are often categorized as Potentially Unsafe Applications. While most discussions involve their cousins, Potentially Unwanted Applications, they are discussed at the end of the Problematic, Unloved and Argumentative: What is a potentially unwanted application (PUA)? [PDF] white paper. Perhaps that will be of use in understanding the classification.

Regards,

Aryeh Goretsky