|
|
#1
October 2nd, 2012, 02:56 PM
|
|||
|
|||
False Positive?
Greetings,
Just started getting these alerts on our mail server an hour or so ago. Funny thing is that it looks like ESET is triggering alerts on it's own definition updates? Any help would be appreciated. Regards, Mike... |
|
#2
October 2nd, 2012, 03:30 PM
|
||||
|
||||
|
Re: False Positive?
The names on the temp files are completely coincidental. If our scanners were detecting our own updates as malware, I have no doubt we'd be flooded with reports like this.
Either way, it would definitely be a good idea to send these files to our VirusLab. Here's the KB Article on how to do that: How do I submit a virus, website or potential false positive sample to ESET's lab?
__________________
Resources: Knowledgebase • Facebook (US) • @ESET • @ESETNA • Support • News • Blog • YouTube: ESETKnowledgebase and esetusa |
|
#3
October 3rd, 2012, 06:39 AM
|
|||
|
|||
|
Re: False Positive?
Unfortunately, the Scanner column is visible only partially and we can only guess what "M..." stands for. Please submit your threat log along with the detected NOD*.tmp files to ESET as per the instructions here with this thread's url in the subject.
|
|
#4
October 3rd, 2012, 10:09 AM
|
|||
|
|||
|
Re: False Positive?
I could be wrong about this, but I believe that the updates for ESET are not stored in that folder. It would be stored in a location such as this: C:\ProgramData\ESET\ESET Endpoint Antivirus\Updfiles\temp
What you are probably seeing in the temp files created for the web scanner as content is being downloaded from the web. Maybe your web scanner isn't as strict as your real time scanner?
__________________
Geosoft. Operating EEA 5.x on 190 nodes, across 6 satellite offices on 6 ERA 5 servers. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
