ESS v4.2.58.3 issue with Messenger Plus

Discussion in 'ESET Smart Security' started by Stoner81, Aug 14, 2010.

Thread Status:
Not open for further replies.
  1. Stoner81

    Stoner81 Registered Member

    Hey chaps just letting you know that ESS finds this as a potentially unwanted program and prevents updates etc but as far as I know the program is safe to use been using it for a couple of years.

    Stoner81.
     
    Stoner81, Aug 14, 2010
    #1
  2. Cudni

    Cudni Global Moderator

    Cudni, Aug 14, 2010
    #2
  3. Marcos

    Marcos Eset Staff Account

    It's not FP.
     
    Marcos, Aug 14, 2010
    #3
  4. PaulB2005

    PaulB2005 Registered Member

    MP is loaded with a couple of things some people don't want - hence it's a Potentialy Unwanted Program.

    I've removed it from quite a few PCs over the years to clear up pop ups ads and other issues - read the T&C for the software to see what you are allowing to be installed on your PC. It's not as clean as you think but not a virus as such.

    ETA: I notice that according to their website the Sponsor Option is now optional. It's probably the Sponsor payload that's being detected.

     
    PaulB2005, Aug 16, 2010
    #4
  5. Stoner81

    Stoner81 Registered Member

    Yeah it is but that can be removed during the install process but ESS still flags it and also prevents the update check.

    Stoner81.

    EDIT - File submitted for analysis.
     
    Last edited: Aug 17, 2010
    Stoner81, Aug 17, 2010
    #5
  6. camor

    camor Registered Member

    Any news about this topic?
    ESS 4.2.64.12
    Carlos
     
    camor, Sep 16, 2010
    #6
  7. toxinon12345

    toxinon12345 Registered Member

    It is not a False Positive.
    "Potentially Unwanted Applications" and "Potentially Unsafe Applications" are within "grayware" category, Not "malware".
     
    Last edited: Sep 18, 2010
    toxinon12345, Sep 16, 2010
    #7
  8. siljaline

    siljaline Registered Member

    Messenger Plus is confirmed adware

    All portions of the program should be uninstalled immediately.

    As you can see from my Hosts file, Circle Development is not software you would want on your machine.
    Code:
     # [c2 Media Group][Circle Developement][66.220.17.0 - 66.220.17.255]
127.0.0.1  www.adserver5.com
127.0.0.1  cidhelp.com
127.0.0.1  dns-look-up.com
127.0.0.1  ads.dns-look-up.com #[Win32/TrojanDownloader.Swizzor]
127.0.0.1  ayb.dns-look-up.com #[TR/Swizzor.A][AdWare.Win32.Lop.ag]
127.0.0.1  nb.dns-look-up.com
127.0.0.1  upd.dns-look-up.com
127.0.0.1  o21343.nb.host-domain-lookup.com #[McAfee.Swizzor!hv.j!87ad9031ef7d]
127.0.0.1  lop.com #[Wildcard DNS]
127.0.0.1  ao.lop.com
127.0.0.1  ayb.lop.com #[McAfee.Swizzor]
127.0.0.1  bins.lop.com
127.0.0.1  i.stealfrommvps.lop.com
127.0.0.1  k17177.bins.lop.com
127.0.0.1  img.lop.com
127.0.0.1  sue.lop.com
127.0.0.1  srch.lop.com
127.0.0.1  d4308.upd.lop.com #[McAfee.Swizzor]
127.0.0.1  r25407.upd.lop.com
127.0.0.1  upd.lop.com
127.0.0.1  www1.lop.com
127.0.0.1  www.lop.com
127.0.0.1  maxexp.com
127.0.0.1  ayb.maximumexperience.com #[McAfee.Swizzor]
127.0.0.1  netbios-wait.com
127.0.0.1  ads.netbios-wait.com
127.0.0.1  ayb.netbios-wait.com
127.0.0.1  upd.netbios-wait.com #[Trojan.Win32.Obfuscated.en]
127.0.0.1  www.netbios-wait.com #[Adware.Memini]
127.0.0.1  spawnet.com
127.0.0.1  www.spawnet.com
127.0.0.1  ayb.trinityacquisitions.com #[McAfee.Swizzor][Wildcard DNS]
     
    Last edited: Sep 17, 2010
    siljaline, Sep 16, 2010
    #8
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice