NewHeur_PE?

Discussion in 'NOD32 version 2 Forum' started by sir_carew, Oct 1, 2003.

Thread Status:
Not open for further replies.
  1. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    :doubt:

    Hello, I'm using NOD32 v 2.0 with the latest updates.
    I install the advanced heuristic shell and work perfect, but I start a scan with the advanced heuristic enabled, and when the scanner us analyzing the memory, it show the following:
    probably unknown NewHeur_PE virus found in operating memory. NOD32 cannot clean this infiltration. No action can be applied to memory infiltration.
    And only the option "Leave" is available.
    I also use KAV, McAfee and Dr. Web as backup scanners all with the latest updates and the heuristic enabled and nothing. I also checked the msconfig.exe and nothing extrange. In the normal heuristic mode (in deep) NOD not detect anything.
    I'm using Win XP Home... with 120 ram (8 mb shared with the graphic card), AMD duron 1,1 gbhz.
    What happend?, How can I report it very possible false positive to Eset?
    Thanks.
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    sir carew,

    Advanced heuristics are bound to provide (possible) false positives on ocassion - for that reason it stated "probably unknown virus....etc. This comes with the Advanced Heuristics territory.

    Seems to me your system is clean, though ;)

    regards.

    paul
     
  3. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    If it was just a single file, it could be a false possitive. But to get some reliable info, just fork the file to ESET.
     
  4. rayce00

    rayce00 Registered Member

    Joined:
    Jan 24, 2005
    Posts:
    3
    I got the same thing message without using advanced heuristics. Zip is on its way to eset. Same thing was in winsrv.exe and dist.exe of Windows Dir.
     
Thread Status:
Not open for further replies.