Nod32 false positive

Discussion in 'ESET NOD32 Antivirus' started by jw232, Dec 26, 2008.

Thread Status:
Not open for further replies.
  1. jw232

    jw232 Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    2
    Nod32 gives me a lot of false positives on several applications where I use an "open containing folder" action. For example, in uTorrent, when I right-click a completed torrent and select "open containing folder", Nod32 gives the following alert message:

    Object:
    C:\temp\rdl11B6.tmp
    Threat:
    Win32/AutoRun.FakeAlert.M worm
    Information:
    cleaned by deleting - quarantined

    and instead of the correct folder being opened it goes to My Documents. Other programs that Nod32 does this with have a similar alert message. The object is always of type .tmp in C:\temp and the threat is always Win32/AutoRun.FakeAlert.M worm. When I disable Nod32 the alert messages do not appear but My Documents is still opened instead of the correct folder. How can I fix this? Thanks.
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,001
    Considering it's temp, I think you're actually infected with something...
     
  3. jw232

    jw232 Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    2
    I ran Avira and AVG and they didn't say anything. And if it is a real virus, I'm suspicious why it only runs when "open containing folder" is clicked. Nothing showed up when I scanned the temp folder.
     
  4. Mitjko

    Mitjko Registered Member

    Joined:
    Dec 27, 2008
    Posts:
    1
    It doesn't mean it is false positive. I had much trust in ESET NOD32, but now I'm disappointed. My friend call me and told me he found a virus with his Symantec antivirus in one file which I sent him. I upload file here:
    http://virusscan.jotti.org/
    and the results are in the attached file. If there are more than 5 positive, then you're probably infected.
    Cheers

    Snipped: link removed. Posting links to malware is against TOS. Remember that no AV detects 100% of all malware and what one detectes the others can miss and vice-versa. Please send the file in question in a password protected archive to samples[at]eset.com with this thread's url in the subject.
     
    Last edited by a moderator: Dec 27, 2008
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.