- Aug 23, 2013
- 1,076
I download a lot of software, and I always scan it with Virus Total and Jotti. This incidentally enables me to see which programs are having the most false positive detections.
The worst program for false positives is ClamAV--it's a total joke unless you turn off PUPs detection. Last year Norton was near the top in FPs, but this year I hardly see any FPs from Norton in the scans. So it looks like they are trying to clean up their act. Trend Micro HouseCall has been very, very bad for FPs, but not as bad lately. Without question the worst FP-producing non-Clam program this year is ESET. I know that ESET is overall a great program, but its heavy tendency at present toward false positives is just a cold, hard, undeniable fact. ESET needs to imitate Norton by going to work on the problem.
The worst program for false positives is ClamAV--it's a total joke unless you turn off PUPs detection. Last year Norton was near the top in FPs, but this year I hardly see any FPs from Norton in the scans. So it looks like they are trying to clean up their act. Trend Micro HouseCall has been very, very bad for FPs, but not as bad lately. Without question the worst FP-producing non-Clam program this year is ESET. I know that ESET is overall a great program, but its heavy tendency at present toward false positives is just a cold, hard, undeniable fact. ESET needs to imitate Norton by going to work on the problem.
- Jul 12, 2014
- 195
This is the biggest load of misinformation i have seen anywhere on the internet. "The statement above ^^^"
Give me a false positive by ESET that you think is wrong.
If you post 1 single potentially unwanted application catch from the database, you should be ignored when it comes to ESET products.
I will show you the reason for every single detection that is a "potentialy unwanted or unsafe application". These detections can also be turned off completely in advanced settings.
Give me a false positive by ESET that you think is wrong.
If you post 1 single potentially unwanted application catch from the database, you should be ignored when it comes to ESET products.
I will show you the reason for every single detection that is a "potentialy unwanted or unsafe application". These detections can also be turned off completely in advanced settings.
Last edited:
- Nov 15, 2012
- 1,765
Bro I will try to Explain you,
Really Adware, or advertising-supported software,
For Example,
Imagine you Downloaded TeamViewer & Installed it, You downloaded TeamViewer to install just teamviewer but they are forcing the user to Install some any other toolbar or some kind of Adware, Most of user just click Next - Next, So ESET is just detected the Adware Portion of that software.
- Aug 23, 2013
- 1,076
I think that much more should be done to educate computer users that they should choose Custom rather than Recommended when installing a program, lest they instill a program they did not intend to install.
I do not regard all advertising-supported software as malign. I have gotten many freeware programs I'm very glad to have while unchecking the boxes for bundled software. I believe even avast! free has in recent times bundled Google Chrome, and I know Avira has bundled the Ask toolbar. I think that the freeware industry needs to be pressured into making the bundling process easier to understand for ordinary users. And people should never be saddled with programs they unchecked, as happened to me a few years ago with Babylon Toolbar on an Adobe Flash Player update.
I have a real problem with ESET flagging programs merely because of bundling. They (and all the other AVs) should mercilessly flag an installation that deposits a program that was unchecked as with Adobe a few years ago. But otherwise it's a vexation if you are blocked from installing a program you want merely because it offers up a bundled third party program. Sometimes when a program is quarantined it's crippled when you restore it.
I have a copy of ESET 2014 from a Fry's rebate special. I don't know if it's lightweight enough for my present computer. (I'm going to activate a new computer when I can finally resolve more urgent projects.) When I do install ESET I will simply have to turn off PUA detection.
Operating System
Windows XP Home Edition 32-bit SP3
CPU
Intel Pentium 4
Northwood 0.13um Technology
RAM
2.00 GB DDR @ 166MHz (2.5-3-3-7)
Motherboard
Dell Computer Corp. 0G1548 (Microprocessor)
Storage
74.5 GB Seagate ST380011A (ATA)
Free 40.53 GB
3.67 GB Lexar USB Flash DriveUSB Device (USB)
119.22 GB PNY USB 2.0 FD USB Device (USB)
I do not regard all advertising-supported software as malign. I have gotten many freeware programs I'm very glad to have while unchecking the boxes for bundled software. I believe even avast! free has in recent times bundled Google Chrome, and I know Avira has bundled the Ask toolbar. I think that the freeware industry needs to be pressured into making the bundling process easier to understand for ordinary users. And people should never be saddled with programs they unchecked, as happened to me a few years ago with Babylon Toolbar on an Adobe Flash Player update.
I have a real problem with ESET flagging programs merely because of bundling. They (and all the other AVs) should mercilessly flag an installation that deposits a program that was unchecked as with Adobe a few years ago. But otherwise it's a vexation if you are blocked from installing a program you want merely because it offers up a bundled third party program. Sometimes when a program is quarantined it's crippled when you restore it.
I have a copy of ESET 2014 from a Fry's rebate special. I don't know if it's lightweight enough for my present computer. (I'm going to activate a new computer when I can finally resolve more urgent projects.) When I do install ESET I will simply have to turn off PUA detection.
Operating System
Windows XP Home Edition 32-bit SP3
CPU
Intel Pentium 4
Northwood 0.13um Technology
RAM
2.00 GB DDR @ 166MHz (2.5-3-3-7)
Motherboard
Dell Computer Corp. 0G1548 (Microprocessor)
Storage
74.5 GB Seagate ST380011A (ATA)
Free 40.53 GB
3.67 GB Lexar USB Flash DriveUSB Device (USB)
119.22 GB PNY USB 2.0 FD USB Device (USB)
- Jul 12, 2014
- 195
Hello,
What you don't understand is ESET is not flagging a product because it is bundled, they are flagging certain DLL's that are not only used by the same package as lets say 'teamviewer + chrome toolbar' and one that is a very very bad form of unwanted software like OpenCandy, or any of the others using maybe a form of Helper.dll or System.dll , which can be used to alter the system behind your back.
Just using an example.
Sure you can turn off PUA detections, but i would recommend running a smart scan with PUA turned on, maybe once a month, just to be sure you didn't pick up a few nasty's inadvertently. Hope this makes sense. You can still choose not to clean certain infections if you turn the cleaning strength down and allow yourself to choose what gets deleted or removed.
What you don't understand is ESET is not flagging a product because it is bundled, they are flagging certain DLL's that are not only used by the same package as lets say 'teamviewer + chrome toolbar' and one that is a very very bad form of unwanted software like OpenCandy, or any of the others using maybe a form of Helper.dll or System.dll , which can be used to alter the system behind your back.
Just using an example.
Sure you can turn off PUA detections, but i would recommend running a smart scan with PUA turned on, maybe once a month, just to be sure you didn't pick up a few nasty's inadvertently. Hope this makes sense. You can still choose not to clean certain infections if you turn the cleaning strength down and allow yourself to choose what gets deleted or removed.
- Aug 23, 2013
- 1,076
I just updated Recuva from FilePuma (MD5Hash:3f9c12e62a0ae1d7a9dbb252195c4c54). ESET was one of 3 out of 54 that flagged it on Virus Total, calling it "Win32/Bundled.Toolbar.Google.D". The other flaggers were TrendMicro-HouseCall and something called VBA32. Avast, BitDefender, Comodo, Emsisoft, F-Secure, Kaspersky, Malwarebytes, Microsoft, Norton, Qihoo-360, and TrendMicro didn't flag it. By the way, I didn't encounter any bundled programs during the installation.
Now that I've installed it, there are only the recuva.exe file, the uninst.exe, and a big number of Lang folder dlls.
Thanks for that suggestion. It's good to know you can choose to delete or not.
Now that I've installed it, there are only the recuva.exe file, the uninst.exe, and a big number of Lang folder dlls.
Thanks for that suggestion. It's good to know you can choose to delete or not.
Last edited:
- Jan 22, 2014
- 1,804
ESET said Ccleaner infected with PUP, i scanned it & it totally remove CCleaner to quarantine. I guess, there is anyway they can cure it rather then clean it.
Filepuma is from Glarysoft, and VBA32 (VirusBlokAda) is security company from Belarussia.
- Nov 15, 2012
- 1,765
- Jul 12, 2014
- 195
Regarding CCleaner.
Potentially unsafe applications is the db that flags tools like CCleaner.
I don't use potentially unsafe detections because i am an experienced user.
However if i was installing ESET on someone who knows nothing about computers, ie an elderly individual (have seen this in the field, and its just an example)I would use the detection.
Having the detection on, is not primarily for CCleaner which is a good tool, but it may keep dumb and fake computer cleanup tools that have no business being installed.
If you can think of a way to separate the two and have the detections still on, please share with us and the ESET developers.
You can take a very good program like CCleaner which gets flagged because of google chrome, and remove the detection for Googles dll's, exe, and embedded toolbars, however while you are removing the detection that blocks CCleaner, you are also removing it from a very bad piece of software as well ? You can't win and you can't lose.
That is why there is an exclusion portion in the software and the ability to turn off 'potentially unsafe applications'.
Normally i would say it should fall under Potentially Unwanted Applications detection, however those are more severe than unsafe, and Google toolbar or chrome doesn't belong in that category.
However i have seen malware writers, manipulate, alter code, and use Google's stuff to embed some serious changing objects to the OS, example: A Fake google toolbar.
If you are truly, truly, interested in understanding what causes a program to fall into the potentially unwanted, have a read through this article:
Potentially unwanted classifications
So going back to this statement:
"ESET said Ccleaner infected with PUP, i scanned it & it totally remove CCleaner to quarantine. I guess, there is anyway they can cure it rather then clean it."
It's not a PUP (the default name for potentially unwanted), but a different classification "potentially unsafe".
To answer the question, you need to disable PUsA, there is no way to cure it. ESET won't separate the two for you.
Here is a link to Wilders where Aryeh the distinguished researcher at ESET, who was the first employee at McAfee, years and years in the business, talks about the two detections. : Link
Its back from 06, and we have had many many changes since, but it is mostly still the same.
Here it makes it seem as if Ccleaner should fall into unwanted category, and i might ask some of the developers and ESET reps why its labeled under unsafe, and i presume its as i stated, its not as threatening as a potentially unwanted application, plus it will notify you of the Google chrome installation if you don't have it installed yet.
Thanks for reading.
Potentially unsafe applications is the db that flags tools like CCleaner.
I don't use potentially unsafe detections because i am an experienced user.
However if i was installing ESET on someone who knows nothing about computers, ie an elderly individual (have seen this in the field, and its just an example)I would use the detection.
Having the detection on, is not primarily for CCleaner which is a good tool, but it may keep dumb and fake computer cleanup tools that have no business being installed.
If you can think of a way to separate the two and have the detections still on, please share with us and the ESET developers.
You can take a very good program like CCleaner which gets flagged because of google chrome, and remove the detection for Googles dll's, exe, and embedded toolbars, however while you are removing the detection that blocks CCleaner, you are also removing it from a very bad piece of software as well ? You can't win and you can't lose.
That is why there is an exclusion portion in the software and the ability to turn off 'potentially unsafe applications'.
Normally i would say it should fall under Potentially Unwanted Applications detection, however those are more severe than unsafe, and Google toolbar or chrome doesn't belong in that category.
However i have seen malware writers, manipulate, alter code, and use Google's stuff to embed some serious changing objects to the OS, example: A Fake google toolbar.
If you are truly, truly, interested in understanding what causes a program to fall into the potentially unwanted, have a read through this article:
Potentially unwanted classifications
So going back to this statement:
"ESET said Ccleaner infected with PUP, i scanned it & it totally remove CCleaner to quarantine. I guess, there is anyway they can cure it rather then clean it."
It's not a PUP (the default name for potentially unwanted), but a different classification "potentially unsafe".
To answer the question, you need to disable PUsA, there is no way to cure it. ESET won't separate the two for you.
Here is a link to Wilders where Aryeh the distinguished researcher at ESET, who was the first employee at McAfee, years and years in the business, talks about the two detections. : Link
Its back from 06, and we have had many many changes since, but it is mostly still the same.
Here it makes it seem as if Ccleaner should fall into unwanted category, and i might ask some of the developers and ESET reps why its labeled under unsafe, and i presume its as i stated, its not as threatening as a potentially unwanted application, plus it will notify you of the Google chrome installation if you don't have it installed yet.
Thanks for reading.
Last edited:
- Jan 22, 2014
- 1,804
No thnx, i don't wanna disable it, atleast it alarms me from incoming potential unwanted threats, i'll just exclude it & manually untick crap ware during installation like i do always
No thnx, i don't wanna disable it, atleast it alarms me from incoming potential unwanted threats, i'll just exclude it & manually untick crap ware during installation like i do always
You can use Unchecky, much better option that unchecking stuff.
- Jan 22, 2014
- 1,804
- Aug 30, 2012
- 6,598
Use CCleaner Slim Versionlol tried, didn't like it
It doesn't have toolbar included
Similar threads
