NOD32 detected virus in a file hosted by Sourceforge mirror.

The file is a OCSNG Windows client and the URL is:
ht tp://internap.dl.sourceforge.net/sourceforge/ocsinventory/OCSNG_WIN32_AGENT_1.01_repack.zip

It was deteced as Win32/Adware.HitVirus application. However I have my doubts regarding this. Could you please check the file from the above link and verify whether it really has an adware.hitvirus in it or not?

Thanks,

 

Update:

I uploaded the file to http://www.virustotal.com and out of the 32 scanners only NOD32 detected it as a virus.


Here is the link to the report:
http://www.virustotal.com/resultado.html?4112aadb883af506a5fe28943cbd5a36

regards.

 

Submit the file to support (at) eset.com with the subject "false positive" or use the webformular at www.eset.com or the build in feature in nod.

 

It looks like you didn't allow the file to be distributed by Virus Total. Please encrypt it with WinRAR/ZIP, protect with the password "infected' and send it to samples[at]eset.com with this thread's url in the subject.

 

I dont have to "allow' it as you put it. Its on a public mirror and I gave the URL in the first post. However if it is required that I send it through mail, I will.

 

Ah, sorry, my Opera showed "illegal-url-5" in the tooltip I'll download it right now and give it a check.

 

NOD32 flags the file KillProcDLL.dll as infected which is partially true as the dll serves for killing processes. However, it's used by legit programs so we will consider removing detection.

 

Thanks a lot. I placed an order for NOD32 for our entire company yesterday and also evaluating the product on my notebook. I then noticed this false positive right after placing the order.

Had to convince quite a few poeple in the organisation as to why we are not going for a 'known' brand. I really didnt want false postives, but as long as they are corrected its absolutely fine