NOD32 Going Nuts!

[Sethos]

Hey,

This morning I decided to do a scan with SUPERAntiSpyware.

During the scan, this popped up;

I figured it was a false positive and moved on. During the scan it popped up around 4-5 times,

3 times saying it was during the SAS Scan and one time while I tried to open Fireworks.

When I tried to open a file in Fireworks, NOD32 Popped up and said it had found a virus in Fireworks.exe.

My Computer crashed and I had to reboot. Now I'm at the desktop, opened Firefox and this popped up;

I closed Firefox, waited 2-3 minutes, when this popped up;

When I closed that, the first "Adobe" one appeared yet again ...

Is my NOD32 going nuts here or is my Computer being overrun :p

I never downloaded any dodgy files, I always have Comodo running to block out unwanted files, have a fully updated version of NOD32 and scan weekly with different spyware software.

So I'd deem my Computer safe, but why would so many different false positive appear, even after a reboot?

What's going on?

[+BeLGaRaTh Subscriber¹]

Just seen your post in the GRID thread, as mentioned I have SAS (4.1.1046) and ESS (3.0.657.0) and have had this issue since updating ESS yesterday, I believe it is some sort of conflict, and have fired off an email to both companies outlining the issue. It's hard to say who is the culprit as I also updated SAS a few days ago. I do not get the popups whilst doing an SAS scan, it can happen randomly, even whilst the system is idle. For this reason I don't know which one to blame, I know I have Real Time Protection set in SAS but I thought that only checked running apps/processes.

I will await a reply from them both to find out what is happening, though usually ESET take around a week or so to respond :(

[Sethos]

Ah, thank you for the reply (Y)

I do believe It's due to the 'conflict' between the two, since I haven't done a scan with SAS ever since I installed Vista.

So today I decided to do a Full Scan and suddenly these virus notes pop-up, there has to be a connection then.

Think I'll disable SAS' real-time protection so I get rid of the random pop-ups and see if either NOD or SAS releases an update to fix it.

But do let me know when you get a reply to those Emails!

[WarStorm]

Hey guys,

I've turned my computer on this morning and Eset NOD32 has started to declare files on my computer as an 'Unknown Virus'!!?

Its quarantined NeedForSpeed.exe and FootballManager.exe. Its now thinking Folder@Home .exe is a virus!

I think Eset has mucked something up with there last update?

Anybody else have this problem?

Thanks,

:blink:

[Gilly]

I don't have SUPERAntiSpyware and I got similar errors at startup today, just after updating the virus definitions. The difference was the "event" occurred when Explorer.exe was trying to access the files.

[Sethos]

Hey, WarStorm

Just posted something similar, https://www.neowin.net/forum/index.php?show...=638454&hl=

Seems like NOD32 is having some problems today :/

[WarStorm]

Oops found an answer -

http://www.wilderssecurity.com/showthread.php?t=210117

[+Frank B. Subscriber²]

You're not the only one with this problem: See this thread. It seems as if ESET have buggered up majorly with one of their updates.

[WarStorm]

Same with Eset- i just posted my own thread! - didnt see yours sorry!

But yeh its quanteened Folder@Home exe, Need for speed, and Footbal Manager!

Brilliant!

[WarStorm]

Sorry mods for posting a duplicate thread - I was in a panic and didnt search :( . Delete this thread if you wish

[Lee G. Veteran]

Mine just did the same! It quarantined gta-vc.exe (GTA Vice City - although it was an edited .exe so you can run it without a CD - but that's only because I can't be bothered to put the CD in - I doubt it's a virus).

[WarStorm]

I've disabled protection for now. - (waits for trolls to come in saying dnt use NOD32...)

[+BeLGaRaTh Subscriber¹]

Just had a call from ESET, apparently they know an issue with the latest version which gives false/positives with Adobe software, but this is the first they heard of it throwing up the threat alert with other software. I advised all the apps I am getting it with and he said he would get back to the devs to advise them of this new information.

Unfortunately there is no way of going back to an older version (unless you can find it elsewhere to download, as they don't have access to previous builds :()

[LooneyTunes]

Nod32 can be a bit of a pain like that, its still one of the best antivirus around. I had the same thing with superantispyware, so just alowed it, as I know its not got a virus in it. Its all a bit of common sence really.

<Removed spam>

Edited May 22, 2008 by Persephone
Spam links

[MMaster23]

I can confirm .. my NOD32 3.0 is going crazy as well .. mostly over Adobe software. Hopefully this will get fixed very soon.

[Lee G. Veteran]

Is there any way to reset the number of blocked attacks counter? My count has just gone from 0 to 73 (only a few files have been detected though), haha.

Mine is also going crazy over Adobe software.

[Warlock6669]

It did the same thing for me with nwn2main.exe (Neverwinter Nights 2) this morning. It definitely looks like an eset bug.

[WarStorm]

Just had a NOD32 update! - dunno if its fixed it though!

Seems to be fixed?

UPDATE EVERY1!

[Sethos]

Yup, update fixed it - That was fast.

Kudos ESET (Y)

[Lee G. Veteran]

Yeah, an update fixed everything for me too (Y)

Here's how to reset the number of attacks blocked counter, http://www.wilderssecurity.com/showthread.php?p=1163517

[+BeLGaRaTh Subscriber¹]

All seems fine this far, good work ESET. Thanks for that link lcg :)

[xankazo]

what update are you guys talking about? I have the latest version (v3.0.657.0) and this morning it tagged and deleted cfp.exe (COMODO) for a virus.

[hjf288]

I've disabled protection for now. - (waits for trolls to come in saying dnt use NOD32...)

ZOMG Why you use NOD32!!! Kaspersky 2009 !!!! :laugh:

Glad to hear its fixed though... Reminds me to reinstall it :)

[WarStorm]

what update are you guys talking about? I have the latest version (v3.0.657.0) and this morning it tagged and deleted cfp.exe (COMODO) for a virus.

Definition update - 3120 - tagged files as viruses like Comodo

3121 - (you might have to manually update) will fix those problems (it did with me)

I also got a program module update which could have also fixed it?

[+chorpeac MVC]

Hmmm...with a turn around that quickly....it makes me wonder if they test these things very thoroughly....gesh.

It's like....oh shoot! Hurry post that fix NOW! I mean yesterday! We can't take any bad press....

[Harlem39s Finest]

thanks for heads up.