In House Application Recognized as Virus?

Discussion in 'NOD32 version 2 Forum' started by hutchingsp, Aug 13, 2007.

Thread Status:
Not open for further replies.
  1. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    I'm testing NOD32 Enterprise. Today one of our in house applications was recognized as a potential virus (newheuer) which it obviously isn't, I think the a/v is just detecting it through heuristics of some sort.

    As I understand it I can exclude the default application path/filename from scanning or turn off heuristics (which seems to defeat the point).

    Is there any other way to "teach" NOD32 that it is safe for what could end up as a x00 seat install base?

    Thanks in advance.
     
  2. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Submit the file for analysis and the detection can be fixed that way.
     
  3. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    It's in house though i.e. nowhere other than our company would use it.
     
  4. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    It would still be easier to get it fixed that way then having to exclude it from so many work stations.
     
  5. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    Ok if they will do that cool - tbh I assumed they wouldn't as if every single application any company developed that looked suspect were sent to, and excluded by Eset I thought they'd end up with a huge set of definition files, IYSWIM.
     
  6. ASpace

    ASpace Guest

    Don't worry so much but send the file for inspection . ESET should use the file only for threat inspection , they won't steal any information from you .

    You can use this form providing info and your UN from the NFR you have for testing
     
  7. rothko

    rothko Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    579
    Location:
    UK
    i've had a similar issue with false positives with files only our company would use and thye wer efixed within a day or so of submitting them to ESET, they are very quick at sorting out FPs.
     
Thread Status:
Not open for further replies.