Heuristic bomb

Discussion in 'NOD32 version 2 Forum' started by x71us, Oct 19, 2006.

Thread Status:
Not open for further replies.
  1. x71us

    x71us Registered Member

    Joined:
    Oct 19, 2006
    Posts:
    3
    I just scanned with A2 free. It found what it says is a Heuristic bomb in an nod update file.It reads something like this. Name: Heuristic.ArchiveBomb located in C\Program files|eset|\ubd files\ubd6FEDver/update.ver Thats a false positive Right. How do you suggest I proceed. Maybe ignore or do you think I should do something else.
     
  2. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    IMHO this is a FP for sure, but i have to say i don't have this file in my Eset folder! Myn is called 'upd1AB8.ver'

    A-squared has a lot of FP in the last time. It declares all my exe files from Acronis TI as a 'Heuristic Bomb'. I sent this FP report last week to a-squared. I suggest you do the same to submit@emsisoft.com with the files attached in a rar/zip file.

    P.S. I just updated a-squared and i saw that the heuristic part is changed with this update. I will scan again and see what happens regarding my FP.


    Edit:A-sqaured is still declaring following files as Heuristic Archive Bomb
    Kind of funny. The Eset Folder seams to be clean :)
     
    Last edited: Oct 19, 2006
  3. x71us

    x71us Registered Member

    Joined:
    Oct 19, 2006
    Posts:
    3
    Thanks, I will do as you say . Iwas sure ut was a fp.
     
  4. elyor

    elyor Registered Member

    Joined:
    Jan 30, 2007
    Posts:
    3
    Then why does setupapp.exe dials out to a DNS(53) during installation?

    Comodo Firewall Pro popped up and I promptly denied the request.

    What is the purpose of this "spyware-like" behavior?
     
  5. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    update to the latest defs? At what point in the installation did the installer query a dns server, and what was it looking for? Don't know? Get on with it... it's protection that needs to get UPDATED!
     
  6. DavidCo

    DavidCo Registered Member

    Joined:
    Jul 9, 2005
    Posts:
    503
    Location:
    UK
    elyor
    What web site did you download the application from
     
Thread Status:
Not open for further replies.