CesiaS
February 6th, 2007, 06:56 PM
I'm new to NOD32, started using it 2 weeks ago.
While I was scanning my PC with Housecalls this alert popped up ( log)
Time Module Object Name Threat Action User Information
7/02/2007 8:51:39 AM AMON file C:\DOCUME~1\ELISAB~1\LOCALS~1\Temp\VDN4FHa01056 Win32/PowerReg application quarantined - deleted DHVC391S\Elisabeth Event occurred on a new file created by the application: C:\Program Files\Internet Explorer\iexplore.exe. The file was moved to quarantine. You may close this window.
I was using IE7, Amon is configured as follows - Options all selected, Actions - Prohibit access and show alert windows, move to quarantine.
Qustion1. Could NOD32 be flagging Housecalls activities ?( ie this is a false positive)
Question2. With AMON setting as described above is my PC totally protected from the suspect/infected file?? Is "prohibit access" enough or do I need to delete it or attempt to clean it at some stage as well? If so - how?
I find this confusing
http://www.wilderssecurity.com/showthread.php?p=266653#post266653 post #35 "...Quarantine ONLY makes a secure copy of the Virus or Trojan found so it can be sent to Eset for further analysis, it does NOT isolate the Virus or Trojan".
I know there is an option "clean automatically", but I'm not conmfortable using it in case false positive gets deleted. ??? As I said I'm still learning.
BTW Housecalls returned all clear
Thank you
Cesia
While I was scanning my PC with Housecalls this alert popped up ( log)
Time Module Object Name Threat Action User Information
7/02/2007 8:51:39 AM AMON file C:\DOCUME~1\ELISAB~1\LOCALS~1\Temp\VDN4FHa01056 Win32/PowerReg application quarantined - deleted DHVC391S\Elisabeth Event occurred on a new file created by the application: C:\Program Files\Internet Explorer\iexplore.exe. The file was moved to quarantine. You may close this window.
I was using IE7, Amon is configured as follows - Options all selected, Actions - Prohibit access and show alert windows, move to quarantine.
Qustion1. Could NOD32 be flagging Housecalls activities ?( ie this is a false positive)
Question2. With AMON setting as described above is my PC totally protected from the suspect/infected file?? Is "prohibit access" enough or do I need to delete it or attempt to clean it at some stage as well? If so - how?
I find this confusing
http://www.wilderssecurity.com/showthread.php?p=266653#post266653 post #35 "...Quarantine ONLY makes a secure copy of the Virus or Trojan found so it can be sent to Eset for further analysis, it does NOT isolate the Virus or Trojan".
I know there is an option "clean automatically", but I'm not conmfortable using it in case false positive gets deleted. ??? As I said I'm still learning.
BTW Housecalls returned all clear
Thank you
Cesia