ESET False /Positive

Discussion in 'ESET Smart Security' started by princess57, Oct 22, 2008.

Thread Status:
Not open for further replies.
  1. princess57

    princess57 Registered Member

    Joined:
    Oct 22, 2008
    Posts:
    1
    I have been using ESET Smart Security for 6 months with no problems, I also use a program called FotoFusion by LumaPix for the last 2 years with no problems. After an ESET update, I could no longer open my FotoFusion program and the PC seems to hang quite a bit. I notiiced in my ESET log files there was the message below stating that the College.exe file was a variant of Win32?packed. Themida and was deleted.

    I wrote ESET and was first told it was a false positive and an update will be released and should fix the problem, that was days ago, no fix and each time I contact them, I get different answers, meanwhile, I can not use my program,. Is there a phone number to call ESET or shaould I just go back to using another AntiVirus suite?


    10/19/2008 6:31:43 PM Real-time file system protection
    Real-time file system protection file H:\Program
    Files\LumaPix\FotoFusionV4\Collage.exe a variant of
    Win32/Packed.Themida application cleaned by deleting - quarantined

    NT AUTHORITY\SYSTEM Event occurred during an attempt to access the
    file by the application: C:\Program
    Files\SUPERAntiSpyware\SUPERAntiSpyware.exe.10/19/2008 6:02:40 PM

    Real-time file system protection file G:\Program
    Files\LumaPix\FotoFusionV4\Collage.exe a variant of
    Win32/Packed.Themida application cleaned by deleting - quarantined
    NT AUTHORITY\SYSTEM Event occurred on a new file created by the
    application: G:\Downloads\lumapixsetup.exe.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Maybe they have updated the program? As long as they protect it with Themida, there's a high chance it will not only be picked up by ESET, but by other AVs as well as this protector is misused much more by malware to evade detection than used by legit software. Also note that such files are detected as potentially unsafe because of the tricky packer which means the user must intentionally enable this kind of detection manually.
     
Thread Status:
Not open for further replies.