HackShield virus?

Discussion in 'ESET NOD32 Antivirus' started by Nisentsubasa, Oct 27, 2008.

Thread Status:
Not open for further replies.
  1. Nisentsubasa

    Nisentsubasa Registered Member

    Joined:
    Oct 27, 2008
    Posts:
    2
    So, I was about to kick back and play CombatArms a couple nights ago. I hit the launcher exe, and clicked start. The HackShield started to update. Then it was stopped, by NOD32, which had detected a Win32/Packed.Themida variant in the update's ehsvc.dl file. I went ahead and quarantined it, and sent it in to Eset for examination. I'm just wondering if any of you guys had seen/run into the same problem, and if so, is it actually dangerous? I know there are *some* benign themida files, but I'd prefer not to risk it. And bypassing the HackShield probably wouldn't be an incredibly intelligent decision either. Any thoughts, comments?

    -Nisentsubasa
     
  2. ASpace

    ASpace Guest

    Hi!

    I am not familiar with CombatArms but HackShield at least sounds suspicious . Themida packed files are detected not as viruses,trojans,etc but as potentially unwanted applications . From ESET documentation :

    Potentially unwanted applications


    So it is up-to-you if you want such applications on your computer .
    You can temporary disable the real-time file system protection , restore this file from the Quarantime (on your Desktop , for example) and send the file to ESET Virus Lab samples@eset.com
     
  3. Nisentsubasa

    Nisentsubasa Registered Member

    Joined:
    Oct 27, 2008
    Posts:
    2
    Hi there. Thanks for getting back to me so fast, HiTech.

    Mmm... CombatArms is a free-to-play game distributed by Nexon (http://www.nexon.net). I just can't believe that HackShield would distribute something dangerous - it's a pretty widely used antihack program. With that said, I've been paranoid about viruses ever since a trojan took down my desktop(took two weeks to clean it), so I'm going to leave as is for now. I went ahead and sent it to the Eset Lab to be examined. I guess I should wait for the verdict. Thanks for the help HiTech_boy.

    -Nisentsubasa
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Is the file still being detected as malicious? If so, what is the version number of your virus signature database?

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.