[false positive] my own personal site.

Discussion in 'ESET NOD32 Antivirus' started by mudlord, Apr 19, 2011.

Thread Status:
Not open for further replies.
  1. mudlord

    mudlord Registered Member

    Joined:
    Apr 19, 2011
    Posts:
    6
    Hello,

    One of my end users reported that my entire site is blacklisted for "potentially dangerous" content.

    I am wondering how do I see regarding this evident false positive? Is it on the blacklist because I encrypt my content from being pirated?

    I am willing to give source code to ESET developers so they can see themselves that *every* application I made is virus free.

    Site in question is: mudlord.emuxhaven.net

    Thankyou in advance for the prompt response.
     
  2. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Hmm..... not only ESET.
    6/23 Detected.
    -http://www.urlvoid.com/scan/mudlord.emuxhaven.net
     
  3. mudlord

    mudlord Registered Member

    Joined:
    Apr 19, 2011
    Posts:
    6
    Damn....
    Could the reason be that I encrypt my executable content?

    I am curious as to the rationale behind such blacklisting.
     
  4. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Post the MD5 the executable please.
     
  5. mudlord

    mudlord Registered Member

    Joined:
    Apr 19, 2011
    Posts:
    6
    MD5 : 830c35861da851789b8bd936a57dc4f5
    SHA1 : d9f5a40e0006f6da6c816d6da87a261f0d2047c0
    SHA256: 5d1f024b9dad127b94cf50cf9f5c6d411900e127917f6ae643bc4785188d9836

    *virustotal*

    Seems the reason is due to ASPack being used on one of the driver components.
     
    Last edited: Apr 19, 2011
  6. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    May be the encryption yes.

    BTW VirusTotal results isn't allowed to be posted unfortunately, if you don't delete the link a Mod will.
     
  7. mudlord

    mudlord Registered Member

    Joined:
    Apr 19, 2011
    Posts:
    6
    Fair enough,

    Might just change the encryption to something less aggressive again.
    Or none at all. >_>
     
  8. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I think you should wait for ESET's official response before you change anything.
     
  9. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  10. mudlord

    mudlord Registered Member

    Joined:
    Apr 19, 2011
    Posts:
    6
    Thanks very much.
    Will do. :)
     
  11. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    You're welcome, I visited your site, it is blacklisted as SweX posted in this thread @ -www.urlvoid.com/scan/mudlord.emuxhaven.net
    While I do not rely on reputation based sites, the blacklist by ESET will not be removed until you take further action.
     
    Last edited: Apr 20, 2011
  12. mudlord

    mudlord Registered Member

    Joined:
    Apr 19, 2011
    Posts:
    6
    Posted a report as well as links to the now packer free content.
    The only content now in the installer that is packed is the BASS libraries, which I cannot unpack since the code in those libraries is the content of a 3rd party middleware developer. And those BASS libraries are packed with Petite (the developer's own proprietary copy protection).
     
  13. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Allow ESET sufficient time to examine your submission, you may be advised via email, private message or a statement from an ESET Representative to this thread.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.