FP - again, please fix

Discussion in 'ESET Smart Security' started by Medank, Oct 19, 2008.

Thread Status:
Not open for further replies.
  1. Medank

    Medank Registered Member

    Joined:
    Aug 25, 2008
    Posts:
    102
    Last edited by a moderator: Oct 19, 2008
  2. jmc777

    jmc777 Registered Member

    Joined:
    Aug 6, 2004
    Posts:
    244
    It's been flagged as a 'potentially unsafe application'.
     
  3. Medank

    Medank Registered Member

    Joined:
    Aug 25, 2008
    Posts:
    102
    what is all this :D wow
    the file is safe it's not a virus or anything . eset detected as FP when will this file be removed ?
     
  4. jmc777

    jmc777 Registered Member

    Joined:
    Aug 6, 2004
    Posts:
    244
    It's not being flagged as a virus. If you don't want warnings about that program, untick 'Potentially unsafe applications' in your Threatsense settings.
     
  5. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    scan only MP3Rocket.exe then see result on virustotal
     
  6. Medank

    Medank Registered Member

    Joined:
    Aug 25, 2008
    Posts:
    102

    i did, i scaned again and it flagged as: a variant of Win32/AdInstaller application
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    I've downloaded it and the result was as follows:
    File MP3Rocket.exe received on 10.18.2008 16:22:43 (CET)
    Current status: finished
    Result: 1/36 (2.78%)

    NOD32 3534 2008.10.18 -

    Additional information
    File size: 116224 bytes
    MD5...: 9fc505e6ad29c4909ab35cfadfd9e9c4
    SHA1..: 152849e3534f103e9ff623fbe8cec7fb7ff70c27
    SHA256: 6d3f91ca0b2d751f45019be57d1a4fc1ca446a5dc6c612f32e38dbf64fbc489a
    SHA512: 3371fb170922b187be07a2e80d0044e0005e90499f1e67d1178bad42ffacec7f
    bdff3567273d219d38acfe6d807c86d30b7be3921d65f9f8ce1febe97bdcbdf5
    PEiD..: -
    TrID..: File type identification
    Win32 Executable Generic (38.4%)
    Win32 Dynamic Link Library (generic) (34.1%)
    Win16/32 Executable Delphi generic (9.3%)
    Generic Win/DOS Executable (9.0%)
    DOS Executable Generic (9.0%)
     
  8. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    file apbarSp.MP3Rocket.exe is ad installer so it's not a FP
    i extract the installer with Universal Extractor v1.6
     

    Attached Files:

  9. Medank

    Medank Registered Member

    Joined:
    Aug 25, 2008
    Posts:
    102


    I just downloaded mp3rocket from same website as i mention above and scanned and result:
    -
    File MP3Rocket-Win.exe recived on 10.19.2008 23:18:36
    Current status: finished
    Resultat: 2/36 (5.56%)

    NOD32 3536 2008.10.19 - a variant of Win32/AdInstaller

    Additional Information
    File size: 3715432 bytes
    MD5...: 687d2ba0528f6f95b808d3c084db2898
    SHA1..: 580b174b6839beeb7e2a4404aef905f39db64a7e
    SHA256: 2e691587d6419cae0def80179d0f95bf28cece4fb5ba6c2a726869e61e644ed5
    SHA512: b4c87404867c0e746eed6181a1630eb447d40c386423e6a0b711c10030b55dd5
    1db1a117e809330a9a6ac89f4ee82a1904bd13688a28703d280164c75df37fbd
    PEiD..: -
    TrID..: File type identification
    Win64 Executable Generic (59.6%)
    Win32 Executable MS Visual C++ (generic) (26.2%)
    Win32 Executable Generic (5.9%)
    Win32 Dynamic Link Library (generic) (5.2%)
    Generic Win/DOS Executable (1.3%)
     
  10. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    That's what I got earlier - the file Marcos scanned was smaller?

    Saw that too:
    C:\Documents and Settings\xxxxxx\Desktop\MP3Rocket-Win.exe » NSIS » apbarSp.MP3Rocket.exe - a variant of Win32/AdInstaller application - was a part of the deleted object


    Cheers :)
     
  11. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    hey Marcos just curious is that 1/36 of VT and Not a FP.Disregard get my question answered and loving it.
     
    Last edited: Oct 19, 2008
  12. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,141
    Location:
    New England
    Marcos appears to have tested the actual MP3Rocket.exe application file, versus what other have tested - i.e. the installer kit named MP3Rocket-Win.exe. It looks like NOD32 is not detecting the MP3Rocket.exe program itself once installed. It's just detecting the installer kit which contains a lot more than just the MP3Rocket.exe file. If it is a bundle containing adware among the other contents, then the detection isn't a FP, which is what proactivelover said above.
     
  13. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I guess it safe to say Nod was the first on the job.Time to signature watch.LOL
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.