senlyn false possitive

Hello,
I play a game called senlyn and two of the exe files are being incorrectly flagged by eset smart security.

both files are being flagged as probably a variant of Win32/Packed.MoleboxVS.C
I have submitted the files to eset via email around a week ago but still not fixed.

the website of the game is http://www.senlyn.com/Wiki/Main_Page

the files are senlyn.exe and senlyn_freeze.exe

I can provide more information if required.
thanks in advance

 

Could you please submit these files to our labs for investigation? Copy/paste the files themselves as attachments and add in the exact detection text in its entirety in the body of the email.

http://kb.eset.com/esetkb/index?page=content&id=SOLN141&ref=wsf

 

Hello dwomack,
I have already submitted both files via email as an attachment in a password protected rar file along with the full detection names. Would you be able to find out the progress of my submission if I provide some more details such as email address and subject?

 

Hello,

The issue is under investigation. Please keep in mind, though, that the program may, in fact, be packed with the MoleBox Virtualization Solution software, which means this is not, per se, a false positive. The author of the software may have decided to use it to pack/obfuscate their code in order prevent it from reverse-engineered, or at least increase the complexity in doing so.

As I understand it, Win32/MoleboxVS is classified as a potentially unwanted application, or PUA for short. That is something of a grey area for programs which may not be out-and-out malicious, but may perform actions which are undesirable. In the case of code obfuscation/runtime packing tools, detection of these is typically added when ESET sees them being abused by malware authors.

If you want to run the program while waiting to hear back from ESET's virus lab, you disable checking of the specific files, or exclude them from being scanned. Information about these can be found in the following ESET Knowledgebase Articles:

#139, How do I exclude certain files or folders from the On-demand scanner? (ESET v3.0)
#560, How do I exclude certain files or folders from real-time scanning? (ESET v3.0)
#2152, How do I exclude certain files or folders from the On-demand scanner? (ESET v4.x)
#2153, How do I exclude certain files or folders from Real-time scanning? (ESET v4.x)
#2198 How do I configure my Windows ESET security product to detect or ignore unwanted or unsafe applications? (ESET v4.x)
#2629, What is a Potentially Unwanted Application?
#2769, How do I exclude certain files or folders from Real-time scanning?(ESET v5.0)
#2770, How do I exclude certain files or folders from the Computer scan?(ESET v5.0)
#2912, How do I configure my Windows ESET security product to detect or ignore unwanted or unsafe applications?(ESET v5.0)
​

You may also find the following white paper, "Problematic, Unloved and Argumentative: What is a potentially unwanted application (PUA)?" [PDF, 503KB] helpful in understanding the how's and why's of ESET's PUA classifications.

Regards,

Aryeh Goretsky

 

Hello,

thanks for the replies and information. I have received an email from the labs and both files have been fixed.