Online Armor False Positive

Discussion in 'NOD32 version 2 Forum' started by Escalader, Jun 25, 2008.

Thread Status:
Not open for further replies.
  1. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    In the recent beta versions on Online Armor, Nod 32 v2 keeps finding an oa exe in kernal memory and tagging it:

    Another message was:

    It also surfaced in the scan of a restore volume.

    Isn't there a solution for this, clearly ( to me anyway) the problem isn't a real virus is it. It seems a FP.

    If you guys are already working this one, I appologize in advance.
     
  2. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    This starts to go actually annoying. This is not the first time it happened. As you can see all the OA files are digitally signed, so is it really a problem to verify the signature and fix FP once and forever ?
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Since this is the beta, perhaps the beta users could question the OA folks and see if they still have the same comment as in the past.

    Conflict with Online Armor

     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please PM me a link to the version which is still being flagged by heuristics. I've downloaded a trial version from the vendor's website and my ESS didn't report anything during installation.
     
  5. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi Marcos,

    It is a beta version and not publically available. AlexS is right though - it's digitally signed ;)

    Mike
     
  6. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Marcos/Mike:

    Don't know which team fixed the FP but Nod 32's Amon is no longer tagging the OA Beta version 150 exe at the kernal level.

    Since I changed nothing other than routine updates from both products, somebody else deserves the credit.

    Again TY.
     
  7. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    This started again with build 155 !!!
     
Thread Status:
Not open for further replies.