HackShield virus?

Discussion in 'ESET NOD32 Antivirus' started by Nisentsubasa, Oct 27, 2008.

Thread Status:
Not open for further replies.
  1. Nisentsubasa

    Nisentsubasa Registered Member

    Joined:
    Oct 27, 2008
    Posts:
    2
    So, I was about to kick back and play CombatArms a couple nights ago. I hit the launcher exe, and clicked start. The HackShield started to update. Then it was stopped, by NOD32, which had detected a Win32/Packed.Themida variant in the update's ehsvc.dl file. I went ahead and quarantined it, and sent it in to Eset for examination. I'm just wondering if any of you guys had seen/run into the same problem, and if so, is it actually dangerous? I know there are *some* benign themida files, but I'd prefer not to risk it. And bypassing the HackShield probably wouldn't be an incredibly intelligent decision either. Any thoughts, comments?

    -Nisentsubasa
     
  2. ASpace

    ASpace Guest

    Hi!

    I am not familiar with CombatArms but HackShield at least sounds suspicious . Themida packed files are detected not as viruses,trojans,etc but as potentially unwanted applications . From ESET documentation :

    Potentially unwanted applications


    So it is up-to-you if you want such applications on your computer .
    You can temporary disable the real-time file system protection , restore this file from the Quarantime (on your Desktop , for example) and send the file to ESET Virus Lab samples@eset.com
     
  3. Nisentsubasa

    Nisentsubasa Registered Member

    Joined:
    Oct 27, 2008
    Posts:
    2
    Hi there. Thanks for getting back to me so fast, HiTech.

    Mmm... CombatArms is a free-to-play game distributed by Nexon (http://www.nexon.net). I just can't believe that HackShield would distribute something dangerous - it's a pretty widely used antihack program. With that said, I've been paranoid about viruses ever since a trojan took down my desktop(took two weeks to clean it), so I'm going to leave as is for now. I went ahead and sent it to the Eset Lab to be examined. I guess I should wait for the verdict. Thanks for the help HiTech_boy.

    -Nisentsubasa
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,034
    Location:
    California
    Hello,

    Is the file still being detected as malicious? If so, what is the version number of your virus signature database?

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.