Discussion in 'ESET NOD32 Antivirus' started by edwin3333, Mar 27, 2009.
We are a VB / .NET shop.
Pattern file 3970 is false positiving on VB6 as vm.nzw trojan.
Um, odd. Which files? Have you sent them off?
I am receiving the same thing on the file C:\Windows\setup1.exe. The file has been on my system for a while (date modified from over a year ago). I ran a scan on the file with both Malwarebytes and Spybot and they found nothing. I sent the file in to ESET.
The detection occured during an MBAM scan just now.
From my Nod32 log:
27/03/2009 6:25:32 PM
Real-time file system protection
file C:\WINDOWS\Setup1.exe Win32/VB.NZW trojan
cleaned by deleting - quarantined
Event occurred during an attempt to run the file by the application: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe.
NOD32 v2, defs 3970, XP home SP3
Same problem here:
C:\WINDOWS\Setup1.exe - Win32/VB.NZW trojan
FP's on installation files of programs of KarenWare:
D:\KarenWare\Disk Slack Checker\Version 2_5_2\ptslack-setup.exe »ZIP »PTSlack.CAB »CAB »SETUP1.EXE - Win32/VB.NZW trojan
D:\KarenWare\Drive Info\Version 2_3_1\ptdinfo-setup.exe »ZIP »PTDInfo.CAB »CAB »SETUP1.EXE - Win32/VB.NZW trojan
D:\KarenWare\URL Discombobulator\Version 1_9\ptlookup-setup.exe »ZIP »PTLookup.CAB »CAB »SETUP1.EXE - Win32/VB.NZW trojan
For KarenWare, see:
I will inform Karen.
The file Setup1.exe is a Microsoft file.
MD5 checksum (at least on my system):
The file C:\WINDOWS\Setup1.exe has the following Checksum(s)
MD5 - C6264B17629F6F9F0BD2BA7671CEFF69
Give me a moment and I'll submit it too.
Is 3970 bugged like 3901 and 3918 were earlier this month?
I wouldn't really call this anywhere near as serious as 1918, because 3918 should have been caught by testers where as this is much harder to catch.
Ough this is a Microsoft file ...
About 8 hours after the first posting about this and no reply from ESET in this thread on its official forum and no fix and the weekend is coming .....
ESET issued a new Def set (3971) but the issue still exists.
I can confirm the issue is still here. NOD32 just performed an scan and detected setup1.exe as a "Win32/VB.NZW trojan".
In an hurry:
It's fixed with defs 3972
yay, noticed it when I woke and first used the PC. well done.
Separate names with a comma.