Download Express reported as virus

Discussion in 'NOD32 version 2 Forum' started by nonesuch, Jun 29, 2007.

Thread Status:
Not open for further replies.
  1. nonesuch

    nonesuch Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4
    Location:
    USA
    Hi,
    I have been using NOD32 for a couple of years now and have never run across this. Download Express has just been updated. When I try to download the installer NOD32 tags it as a "probably unknown NewHeur_PE virus" and moves it to quarantine. I have submitted the file for analysis. I have attempted to download the file from numerous locations with the same results.

    What do I do now? Wait for NOD32 to analyze the file? Report this to Download Express which I have done in their forum? I just don't know what to do now. I can't imagine that it is a virus.

    Thank you,
    G. T.
     
  2. ASpace

    ASpace Guest

    Hello ! Welcome to the forum !

    Probably unknown NewHeur_PE virus is heuristic detection made by emulating the file in virtual environment . NOD has found something suspicious inside this because something acts like a malware (although it might not be a real one) . Just to be sure , you need to send the sample and details to ESET Threat Lab , mail samples[at]eset.com . You may also include a link to this thread :thumb:
     
  3. DavidCo

    DavidCo Registered Member

    Joined:
    Jul 9, 2005
    Posts:
    503
    Location:
    UK
    I'm sure it is an FP
    The latest Massdownloader does not have any problems with Nod32

    Eset will soon sort it out
     
  4. nonesuch

    nonesuch Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4
    Location:
    USA
    This morning I was able to download and install Download Express with no problem from NOD32. NOD32 must have fixed this in its last update.

    Thank you for the good advice. I will know what to do next time something like this happens.

    G. T.
     
  5. DavidCo

    DavidCo Registered Member

    Joined:
    Jul 9, 2005
    Posts:
    503
    Location:
    UK
    Eset hate FP's
    :D
     
Thread Status:
Not open for further replies.