Help! Can't stop Prompts to Submit Suspicious Files

Discussion in 'ESET NOD32 Antivirus' started by MarcR, Sep 10, 2011.

Thread Status:
Not open for further replies.
  1. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    I keep getting pupup prompts to submit Suspicious Files after a virus definition update. I am sick of this. If I can't shut it off, please add the option to shut it off in future releases. There is NOTHING in Quarantine. Can anyone help stop this? Thank You.
     
    Last edited: Sep 10, 2011
  2. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    Last edited: Sep 10, 2011
  3. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
    I also would like to have the capability to remove selected and/or all files from the list of files to be submitted, this submit has been popping up forever and it's very irritating.

    The workarounds MarcR found sounds incredibly tedious and trouble-risking for something that seems like it should be much more easily accomplished.

    I can imagine that there might be reasons that this list shouldn't be easily removed so as to avoid malware doing the same thing, the user needs to be able to have a choice as to how to manage the submissions.
     
  4. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    I believe you just have to turn off ThreatSense.Net Early Warning System in the settings. This is very easy to do after all: Advanced Setup, Tools, ThreatSense.net. Uncheck enable ThreatSense.

    The other procedure regarding deleting files is almost never necessary, unless the files are no longer on your computer.

    But I agree that you should have the option to remove specific files permanently from submission.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,375
    It's very simple - deselect the files you don't want to submit and then click Submit.
     
  6. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    thats already possible long time ago.
     
  7. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    Yes, I see that now. You can setup exclusions under ThreatSense, Advanced Setup, Exclusion Filter, Add.

     
  8. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Yes the repeated prompt is a pest for sure BUT surely the question is:

    1) Why does ESET think they are suspicious?
     
  9. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    It shouldn't since I have Potentially unsafe application scanning turned off.

    I HAVE THIS TURNED OFF - the programs fall in this category:
    Potentially unsafe applications
    Potentially unsafe applications is the classification used for commercial, legitimate software. It includes programs such as remote access tools, password-cracking applications, and keyloggers (programs recording each keystroke typed by a user). This option is disabled by default.


    Potentially unwanted applications
    Potentially unwanted applications are not necessarily intended to be malicious, but they may affect the performance of your computer in a certain way. Such applications usually require consent for installation. If they are present on your computer, your system behaves differently (compared to the state before their installation).
     
  10. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    No, exactly you said: you can select in the prompt list which files must be submitted and which not. Please dont confuse with the exclusion list in the advanced setup.
     
  11. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Heuristically detected files as suspicious are queued in the list.
     
  12. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Well these may be turned off BUT ESET is still tagging them via heuristics or signature. So I looked at them a bit closer in post 1.

    The names of these files do look suspicious or potentially dangerous to me.

    So now it is my feeling they are tagged correctly and the user ( you in this case) should be reminded they are there.

    1) Have you submitted them? Is there a report from ESET to review?
    2) Why /where are these files present? Purpose is ? sniffing?

    Why not just delete them ?
     
  13. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    There is no need to submit them. They are commercial freeware utilties for admins.
     
  14. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    I see, why not store them on an off line media until needed. That way ESET won't find them.

    Is it normal practice for administrators to use free utilities?
     
  15. MarcR

    MarcR Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    60
    Yes, for small business admins. They're available from Nirsoft.net and sysinternals.com (now owned by Microsoft). They are commercial legitimate utilities including Network Tools, Password recovery tools, registry Utilities, Outlook Utilities, File and Disk Utilities, security tools, etc. used by network & system administrators.

    Anyway, the solution is to turn off ThreatSense or configure it by excluding the file or folder you don't want to be prompted to submit for analysis. Annoyance solved.
     
  16. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,375
    If you are prompted to submit files you don't want to submit, simply untick them in the file submission approval list and click Submit so that you won't be prompted about the files again.
     
  17. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Files already present in the servers should not be listed in the dialog.
    e.g. By querying the servers before the dialog appears.
     
  18. dmaasland

    dmaasland Registered Member

    Joined:
    Nov 10, 2010
    Posts:
    468
    I don't agree. If a file gets submitted a lot of times it's more likely to be a possible malware outbreak.
     
  19. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    I agree. If a same threat gets submitted a lot of times it's more likely to be a possible malware outbreak, because many different files are submitted.
     
    Last edited: Sep 11, 2011
  20. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    System-level utilities which can be misused in the wrong hands are often categorized as Potentially Unsafe Applications. While most discussions involve their cousins, Potentially Unwanted Applications, they are discussed at the end of the Problematic, Unloved and Argumentative: What is a potentially unwanted application (PUA)? [PDF] white paper. Perhaps that will be of use in understanding the classification.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.