False Positive

Nightly scan from this morning shows these two Dell system Backup files as infected. I do nightly scans each night (early am) and these two files have never been flagged before. They both appear to be related to Dell system backup software.

Why are they suddenly being flagged as Unsafe applications?



Scan Log
Version of virus signature database: 6335 (20110729)
Date: 7/30/2011 Time: 3:00:03 AM

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe - a variant of Win32/HiddenStart.A potentially unsafe application - action selection postponed until scan completion

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe - a variant of Win32/HiddenStart.A potentially unsafe application - action selection postponed until scan completion

 

First of all, why did you enable unsafe applications that cover legit tools used mainly for legit purposes? It's not a false positive.

 

It has always been enabled. You didn't answer my question.

Why is it suddenly being detected when it has never been detected in the past.

 

Probably because somebody has reported it and the viruslab found out it could be misused for malicious purposes in the wrong hands. Enabling unsafe applications is not recommended unless you're fully aware of what you're doing, what consequences it may have and how potentially flagged files can be excluded if they are actually needed.

 

I'll let the folks at Dell know that their software is being detected by ESET as potentially unsafe and they can handle it as they see fit.

Thanks for you response.

 

Hello,

The files you listed are not system files. For me, the system files are those needed for the operating system.