NOD32 - False Positive for Hatu Trojan

B

bd

Did anyone notice that a couple of days ago, NOD32 was getting false
positives for the hatu trojan?

All of the sudden I started getting AMON alerts, which made no sense
to me because NOD32 has always been up on my machine. I began to
download another anti-virus program to double check this, but did a
virus def update (which is set for every hour in NOD32) and sure
enough there was an update and the warnings went away.

I didn't see anything on the NOD32 web site about this. It could have
been damaging if I started deleting files left and right.
 
S

Stig

Did anyone notice that a couple of days ago, NOD32 was getting false
positives for the hatu trojan?

All of the sudden I started getting AMON alerts, which made no sense
to me because NOD32 has always been up on my machine. I began to
download another anti-virus program to double check this, but did a
virus def update (which is set for every hour in NOD32) and sure
enough there was an update and the warnings went away.

I didn't see anything on the NOD32 web site about this. It could have
been damaging if I started deleting files left and right.



http://www.wilderssecurity.com/index.php?board=39;action=display;threadid=14527

Stig.
 
F

FromTheRafters

Did anyone notice that a couple of days ago, NOD32 was getting false
positives for the hatu trojan?

All of the sudden I started getting AMON alerts, which made no sense
to me because NOD32 has always been up on my machine. I began to
download another anti-virus program to double check this, but did a
virus def update (which is set for every hour in NOD32) and sure
enough there was an update and the warnings went away.

I didn't see anything on the NOD32 web site about this. It could have
been damaging if I started deleting files left and right.

Luckily for you, you are too clueful to do such a thing. More
people should realize the two things that an anti-virus program
can tell you, and what they mean.

1) I think that I found evidence that this file is malicious.
2) I found no evidence that this file is malicious.

Pertaining to #1, the program can be wrong. This is why
I phrased it as "I think that I found" instead of "I found".
Pertaining to #2, it should *not* be interpreted as "I found
evidence that this file is not malicious". Basically all that #2
tells you is that it is *probably* not a malicious program
known to the scanner (which is somewhat less reassuring
than the way most people interpret that particular AV
announcement).
 
D

Dennis Freshwater

I emailed Eset on 3 Oct to let them know about the false alarms when I got
two reports on my computer but nothing on online scans. They replied the
same day to apologise and say that the problem had been fixed.

Dennis
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top