NOD32 AV Beta 4.2.22.0 on XP Pro SP3, Dell OEM - IE 8, All fully patched.

A recent on-demand scan item showed one infected item.
It was automatically sent to ESET for analysis.

My question is this for the Developer Team.

If an item is flagged during an on-demand scan and automatically submitted, shall I assume that the item is no longer on my system ?

I cannot find the flagged item in the scan log.
The scan log scroll is also very slow as I log all items.

Thanks.

i know you probably already looked, but i'll ask anyway. have you looked in Tools > Quarantine?

I thought of looking in Quarantine, there was nothing but I appreciate the suggestion.
My last on-demand scan showed: -{ Quote: " 31/01/2010 8:41:47 PM Operating memory;C:\Boot sector;C:\;D:\Boot sector;D:\ 309753 1 0 completed " }-
The numerical "1" being the infected item that I am no longer able to locate.

It's written in the log:
309753 - total number of scanned files
1 - number of infected files
0 - number of cleaned files

Did you run the scan in cleaning mode? Ie. didn't you tick the "Scan without cleaning" check box? If not, opening the log should reveal more details about the infected file as well as the reason why cleaning failed.

-{ Quote: "
The scan log scroll is also very slow as I log all items." }-
I wouldn't recommend enabling all files or the scan logs will grow significantly. If computers with logging all files connect to ERAS, transmitting the log files several dozens of MB in size will have adverse effect on the ERA server performance as well as the network bandwidth.

-{ Quote: "Did you run the scan in cleaning mode?" }- Yes, I did, the item is still being flagged as -{ Quote: "JS/TrojanDownloader.Agent.NRL trojan" }- in my .dbx email archive. -{ Quote: " Ie. didn't you tick the "Scan without cleaning" check box? " }- I don't quite understand what you mean by this, Marcos - if you would elaborate, please. -{ Quote: " I wouldn't recommend enabling all files or the scan logs will grow significantly. " }- Noted and thank you, I have reverted the scan logging to default save email file scanning.

-{ Quote: "Yes, I did, the item is still being flagged as in my .dbx email archive. " }-

That explains it all. Antivirus programs are only able to scan dbx files (ie. in read-only mode), they are not able to write into them. What you can do is look up the particular email in Outlook Express and delete it manually.

-{ Quote: " 03/02/2010 9:46:44 PM Real-time file system protection file
C:\Documents and Settings\siljaline\Local Settings\Temporary Internet Files\Content.IE5\21L96FZ1\wbk8A81.tmp JS/TrojanDownloader.Agent.NRL trojan cleaned by deleting - quarantined RANDY\siljaline" }-
Offending email re-opened since I now know which it was, now in quarantine.