Scanner alert?

Discussion in 'ESET NOD32 Antivirus' started by SG1, Sep 23, 2008.

Thread Status:
Not open for further replies.
  1. SG1

    SG1 Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    430
    This is a rounbabout query, re NOD32, (so bear with me, please). I have two dedicated install/uninstall apps, as most common apps have very poor uninstallers.

    Recently, when installing apps with Total Uninstall 3 it apparently looks at something in the other/lesser used installer, notably a log file I think re former attempted installs-uninstalls with Spysweeper (which is no longer used or even installed).

    In the process and starting just recently, NOD32 gets excited with its "red flag alert", & apparently thinks something in said log file is some sort of trojan. Only NOD32 and Kaspersky online scanner think said file's a bad guy, but none of the other security apps do including Trojan Hunter.

    But, if I have NOD32 set to report such things and (this FP is presumably corrected along the line I would assume), why the alert still popping up then? And, again, this just started recently.

    Ran NOD32 again, to get (most of a) screencap on its results, and have enclosed what I think are pertinent settings for NOD32. Are these settings correct?

    Thanks for help/info,
     

    Attached Files:

    Last edited: Sep 23, 2008
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    If you scroll to the end of the line reporting the infection in the log file does it say what malware was detected? All I can see in the screen shot is part of the directory path information.

    Regards,

    Aryeh Goretsky
     
  3. SG1

    SG1 Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    430
    Aryeh;

    Here ya' go; "stitched" together screenshots. Hope this helps (and as I say, I wondered why this just began recently re a program no longer installed).

    Thanks,
     

    Attached Files:

  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    It appears this could be a false positive alarm with another security program.

    Please send the WRSSHP.EXE file inside a .ZIP or .RAR archive file protected with a password of "infected" to samples@eset.sk with "Suspect False Positive" in the Subject: field and a link to this message thread for examination by ESET's virus lab.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.