Another fasle positive??

Discussion in 'NOD32 version 2 Forum' started by flyrfan111, Jul 16, 2004.

Thread Status:
Not open for further replies.
  1. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Results of a file scan
    This is the report of the scanning done over "nisale.exe" file that VirusTotal processed on 07/16/2004 at 20:11:10.
    Antivirus Version Update Result
    BitDefender 7.0 07.16.2004 -
    ClamWin devel-20040517 07.15.2004 -
    eTrustAV-Inoc 4641 07.15.2004 -
    F-Prot 3.15 07.16.2004 -
    Kaspersky 4.0.2.23 07.16.2004 -
    McAfee 4377 07.16.2004 -
    NOD32v2 1.813 07.16.2004 IRC/SdBot.AIG
    Norman 5.70.10 07.16.2004 -
    Panda 7.02.00 07.16.2004 -
    Sybari 7.5.1314 07.16.2004 -
    Symantec 8.0 07.15.2004 -
    TrendMicro 7.000 07.16.2004 -

    This file is from the latest AOL 9, notice NOD32 is the only scanner that detects this as a trojan. Additionally, this file has been on my computer for a month now, since upgrading to AOL 9, this definition was added on 5/5/04 according to the updates page on Eset's website but this is the 1st time it is detected. What gives? This didnt even show up on last nights 4AM scan.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please submit this particular file to Eset for analysis (support@nod32.com).
     
  3. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    I already submitted it to samples@nod32.com but i will send it to support also, thanks
     
  4. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Coming up on 24 hours and still no response from Eset. Frequent False Positves and another fine demonstration of their outstanding customer support that everyone in this forum always mentions. Fortunately I have licenses from multiple AV companies. Panda answered in about 30 mins to say the file wasn't infected and it must be a false positive with NOD. Trend Micro about 10 mins after that and said the same thing. Way to go ESET!
     
  5. WAYTOGO

    WAYTOGO Guest

    That's ok, if they want to loose their customer base then that's their problem. I have no problem with that since I will not renew my contract with them. I just fear the hours of frustration of other users who will accidently delete their files especially if they used RAR to compress their files. I.E my monthly project took a lot of space so I had to rar it, but in order to open the file at any other PC I used SFX and now with NOD32 my whole project was deleted due to the false positive...now my original is at work so the work I took for the weekend is gone. :) !!! YAYA!!!!
    Thanks!

    That's ok lots of customers will be causing away at the tech support and the fact that most of their data will be deleted (rar) and without any word from ESET so far (no update no patch).
     
  6. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    To all those who helped with or endured this fp, the latest def update has solved this fp, at least on my system. Thanks for all the help and support. If it doesn't help on your system email support@nod32.com. Thanks everyone!
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good to see Flyrfan111

    Cheers :D
     
  8. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Thanks Blackspear. BTW I had a question for you, how do you exclude a file during a command line scan?
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Sorry Flyrfan111, I'm not sure about that one, can you please start another thread on this, so we can all learn :)

    Cheers :D
     
  10. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Ok, No Prob., Thanks again.
     
Thread Status:
Not open for further replies.