NOD32 and Opera Mail?


Tetra
October 13th, 2008, 01:43 AM
Hi everyone. Sorry if this is a stupid or trivial question, but I'm a little concerned about something that recently occurred, and I'd like some opinions.

I check my email from two locations: At home on a Desktop running WinXP, protected by the latest update of NOD32 v2 - And on a Laptop at work running OSX 10.5.5 protected by Symantec (Don't ask. It's work-required and I hate it).

Anyhow, tonight something weird happened. My home computer is ever-vigilant, and hasn't found any virus to speak of as it regularly scans once a week and has all the typical monitoring processes in place. My laptop also scans once a week - But this time the laptop found a 'downloader' virus that upon closer inspection was contained in the Opera mail files. Because I use IMAP for my mail, this means that the virus was in both locations (the infected file was dated several days ago).

I deleted the file from the IMAP server, but I'm concerned that Symantec might've caught something that NOD32 let slip through. That's not something I'd ever expect! Therefore, I'm concerned that I may not have NOD32 set up to monitor my mail correctly. Can anyone provide any insight into this at all? I'd hate to get caught by a virus just because I've not ticked a radio box somewhere.

Thanks in advance!

agoretsky
October 13th, 2008, 03:28 AM
Hello,

NOD32 v2.70's IMON module does not scan mail transferred via the IMAP protocol for Opera. That function is provided by the EMON module, but only when using Microsoft Outlook.

Regards,

Aryeh Goretsky

Tetra
October 13th, 2008, 10:21 AM
{QUOTE-> Hello,

NOD32 v2.70's IMON module does not scan mail transferred via the IMAP protocol for Opera. That function is provided by the EMON module, but only when using Microsoft Outlook.

Regards,

Aryeh Goretsky <-QUOTE}

Thank you for the reply! Does this mean that even an In-Depth scan from the NOD32 on-demand module will not see a virus in Opera Mail? I did an in-depth analysis after this infected message should have been in my inbox, but NOD32 didn't seem to find it.

Does this mean that Opera Mail is a way for viruses to bypass my NOD32 protection? Can they infect my system from the mail folder on my hard drive without NOD32 intervening? Or will NOD catch them if they try to launch?

I'm concerned that Opera Mail might be a huge backdoor, now! I despise Outlook, and I really hope I can keep using both Opera and NOD32. Thanks.

Kosak
October 13th, 2008, 10:49 AM
Hello, when a file is downloaded and you want to run it, NOD32's AMON will scan this file, and if malware is found, it notifies you.

If you still have undetected files, send them in an archive with the password "infected" to samples[at]eset.sk with this thread's URL in the subject.

beethoven
October 14th, 2008, 04:43 AM
You may also study this thread on the Opera Forum for some background info re Opera Mail and virus alerts:

http://my.opera.com/community/forums/topic.dml?id=47422

{QUOTE-> When Opera downloads mail, it saves attachments in your cache in order to open/access them. This does not mean that your system is infected.

In order for a virus to infect your system, the virus code has to be executed. Opera does not run/execute attachments or other files automatically.

Simply saving a virus to your disk will not do any harm, and Opera never runs executable attachments manually. But since some virus scanners are configured to trigger on viruses even before there is any danger of infection, you may see these false alarms.

In order for a virus downloaded with Opera to infect your system, you have to run the executable attachment manually. Opera will not do this automatically, so your system will not be automatically infected.

Summary: It is not possible to get infected automatically when using Opera. The only way to get infected is to run an executable attachment containing a virus manually. <-QUOTE}
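An added example, not part of the thread or of any ESET or Opera tooling: since the thread establishes that mail fetched over IMAP reaches disk without being inspected in transit, this sketch triages a stored message by checking each attachment's decoded content (not its file name) for an executable header and hashing it for follow-up with an on-demand scanner or sample submission. It assumes the message is available as raw RFC 822 bytes (for example an exported `.eml`); the function names and the sample message are constructed for illustration.

```python
import email
import hashlib
from email import policy
from email.message import EmailMessage

# Leading bytes of common executable formats (checked against content, not name).
MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF", b"\xcf\xfa\xed\xfe": "Mach-O 64-bit"}

# Constructed, harmless stand-in: only a PE-style header, no code.
PE_STUB = b"MZ" + b"\x00" * 62


def executable_attachments(raw_message: bytes):
    """Return (filename, kind, sha256) for every leaf MIME part whose decoded
    payload begins with an executable magic number."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        payload = part.get_payload(decode=True) or b""
        for magic, kind in MAGIC.items():
            if payload.startswith(magic):
                name = part.get_filename() or "(unnamed)"
                found.append((name, kind, hashlib.sha256(payload).hexdigest()))
                break
    return found


def build_sample() -> bytes:
    """Constructed sample: one plain-text attachment and one attachment with
    a PE header hidden behind a misleading .jpg name and image MIME type."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment("just notes\n", filename="notes.txt")
    msg.add_attachment(PE_STUB, maintype="image", subtype="jpeg",
                       filename="holiday.jpg")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, kind, digest in executable_attachments(build_sample()):
        print(f"{name}: {kind} content, sha256={digest}")
```

A hit here only means the attachment is executable content sitting in the mail store; whether it is malicious is still a question for the scanner.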