Solved Eset v5 keeps quarantining gotd programs?

[clyde]

Can someone tell me why EAV is doing this.It has been doing this for a while now :huh:

 

[Exterminator]

I am assuming gotd is Giveaway of the day programs? does this happen on install?
Eset Antivirus and Smart Security both quarantine suspicious programs automatically. They could very well be a false positives but if you know them to be safe you can restore them and also make an exclusion in both real time protection and scan or one or the other.See the links below on how to remove from quarantine and add to exclusion list.

How do I restore a quarantined file in my ESET security product? (5.x)

How do I exclude certain files or folders from Real-time scanning? (5.x)

It's not a good idea to exclude a program or file unless your are sure it is safe.Certain programs come with toolbars ect. packed into their installers which most would not even realize these are ticked and will install with the program.This could be the reason for EAV quarantining the programs.

 

[clyde]

When it tries to contact gotd when installing it freezes and Eset quarantines it.I'm assuming that gotd's are safe.I wanted todays giveaway.

 

[Deleted member 178]

They are flagged as suspicious because each gotd softwares are packed in a different installer (including the time-limit) than the original one.

 

[clyde]

Do you think I should just leave the antivirus settings as they are?Can I bypass the program from doing this?

 

[Deleted member 178]

i dont think you can make a rule for that, just disable the AV during the installation, but be sure it is safe so check the file first in Virus Total in case of.

 

[clyde]

Different installers would explain why this was happening

 

[gone]

Faced the same problem while installing yesterdays gotd.
setup detected as a variant of Win32/Kryptik.ELS trojan

 

[Plexx]

Do you think I should just leave the antivirus settings as they are?Can I bypass the program from doing this?

Only way to bypass is to change the default settings to never clean and it will prompt you for what action you want to do.

another way is exclude it from scanning options.

They are modified installers that is why is being detected (most by PUP module).

 

[tipo]

probably because they are packed with themida..

 

[Plexx]

Themida detection in NOD goes back to 2007 or 2008, if I remember correctly.

Like it has been said in this thread, it is detected as PUP due to installers being modified to its needs (no upgrades possible, no trial mode for shareware etc).

 

[miragez]

The only way for this to be solve is at Themida side, their implementation is definitely good for developer to wrap their product but at the same time they are blocking certain headers from antivirus scanning it such as ESET. Such behavior will only make the whatever is pack within gotd as suspicious.