NIS 2004 > ISSTE.dll as a virus

Last night I´ve had a NOD32 vir warning. It aplies at Norton IS 2004 (firewall, not AV): ISSTE.dll > CRYPT.WIN32 Virus
The FW hangs, and I need to restart my computer. After that I´ve just scan again that directory and nothing´s found.
I´ve just added that directory to a temporary not scan option. But don´t know if this could be correct.
Any sugestions?

backfolder.-

 

Hi BF, can you send a copy of your scan log to support@nod32.com if it is a false positive they will let you know and fix it in the next update or so...

Cheers

 

Hi Backfolder,
I received the file in question, but my AMON didn't detect anything in it, even with AH enabled and the heuristics sensitivity set to deep. Please make sure your NOD32 is up to date.

 

Hi Marcos, from the link provided by Ronjor, it appears to be a false positive.

Cheers

 

Well, this happend to me in two diferent machines this same week. This mine and one of a friend. The thing is that the Virus Definition is 1.795 (20040625) in my machine. And also updated im my friend´s machine to any previous. The effect is NIS get disabled and you exposed to the damages of the net.
- My pc: NIS04 yet installed, and then/over NOD32, get this warning.
- The guy: NOD32 yet installed, and then/over NIS04, and get this warning. Result is corrupted installation of the rest of NIS and then you need to uninstall, disable AMON - NOD32, and reinstall.

KAV Online says:
---------------
Scanned file: ISSTE.dll

ISSTE.dll - packed with XLok
ISSTE.dll - OK

Strange NOD behavior, never happend before.

Thanks anyway to all.
backfolder.-

 

Hey LWM, I caught that It just looked like there was an issue regarding that particular file and Kav, and there appears still to be a problem while installing with Nod on a system, maybe this is the only way the problem can be replicated?

Cheers

 

Hi Folks,

I have the same problem with false positive, but installing the last version of Nero 6.3.1.17.

Any ideas ?

 

Thanks a lot for your help.

Best Regards,

DonKid.