Amon didn't detec a virus but Shell power YES...

Discussion in 'NOD32 version 2 Forum' started by Merlin Magician, Dec 21, 2003.

Thread Status:
Not open for further replies.
  1. Merlin Magician

    Merlin Magician Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    16
    Hi.
    This is an strange case.
    I suggested my best friend to use Nod32 and she did it.
    Here is the history:

    First: she installed Nod32, actualized it and told me: "all is ok. No viruses found on my PC."

    Second: two days later, I advised her to install Shell power. Then, Amon announced: No virus... But scanner using advanced heuristic said: virus unknown found in operating memory (MEMORIA OPERATIVA IN SPANISH). Virus' name: NewHeur_pe.

    I have 3 questions:

    1.- Is it a logical situation? Amon can not detect a virus but Scanner using advanced heuristic YESo_O??

    2.- Scanner doesn't say anything about MBR or CRC. What is happening in MBR AND CRC? Is there a virus too?

    3.- And now? What should we do?

    Of course: Both (my friend and me) are novices.
    Could you please help us? PC is crashing!!!!!

    Greetings from México.

    PD: Should I post this in the virus Forum too?
    o_O o_O o_O
     
  2. Merlin Magician

    Merlin Magician Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    16
    I forgot to tell you:
    The scanner/DEEP heuristic says: NO VIRUS FOUND.
    But...
    The scanner/ADVANCED heuristic says: Virus found etc...
    !!!Unbelievable!!!

    How can it be that in the same sequence time Amon reports:all is ok... Scanner/DEEP heuristic reports: all is ok... And scanner ADVANCED heuristic reports: Virus found?
    :eek: :eek: :eek: :eek:
     
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Merlin,

    Using heuristics is bound to cause false positives on ocassion - and this seems the case here.

    As a second opinion, you could give one or more free online antiviruscanners a try:

    Panda, and/or Trend.

    My calculated guess is, your system is clean ;)

    regards.

    paul
     
  4. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hola,
    AMON no utiliza la heurística avanzada, sólo la usa IMON, o cuando usas el shell o también cuando en la línea de comandos agregas /AH
    Puedes scanear tu disco duro, y el o los archivo marcados como Probablemente nuevo NewHeur_PE Virus, los puedes enviar a samples@eset.com para que Eset repare la falsa alarma, o agregue el nuevo virus si es que de eso se trata.
    Saludos.
     
  5. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi,
    AMON don't use the Advanced Heuristic, the Advanced heuristic is only used by IMON, or when you use the power shell, or when you write in the command line /AH
    You can scan you hard drive, and the file or files detected as Probably NewHeur_PE Virus, send those to samples@eset.com and the guys at ESET will fix the false alarm or add the new virus.
    Regards.
     
  6. Merlin Magician

    Merlin Magician Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    16
    Thank you very much.
    Gracias por contestarme, amigo Sir_
     
Thread Status:
Not open for further replies.