NOD32 scanner says I have 4 ACTIVE viruses out of 7 that it detects. It won't attempt to clean them or delete if not cleanable even though I have it set to do this. Says all it can do is "leave" them.

All seven of these are zipped so they should be "harmless", correct? Then why does NOD claim that four of them are active?

Further, NOD32 scanner in clean mode hangs on all seven of these. Marcos had told me several weeks ago to send anything NOD32 hangs on to Eset. He said NOD32 should not hang. But NOD32 has always hung. Even version one did this. That is why I seldom run an on demand scan. In scanning mode, NOD32 doesn't hang so maybe Marcos misunderstood me earlier? I don't see the point of scanning mode. I want to run in clean mode and have NOD32 clean, if possible, each virus it finds and if it cannot clean then delete and quarantine and then continue scanning until finished. I do not wish to sit and watch NOD32 throughout the scan (even though the scan is under 10 minutes) so that I can unhang it each time it finds a virus.

So, has my NOD32 always behaved incorrectly in clean mode? I always thought it was Eset's deliberate way of doing it which I think is very inconvenient to the user. So, which is it? Is my NOD32 hanging when it should not? Or is it behaving the way Eset intends?

What do you mean by "hang"?

Only that it is awaiting user input, or that it actually "hangs"?

If it's awaiting input, do you get the "What should I do with this object"-question? If so, change the action you want for "Archives" in the "Actions" tab of the scanner.

Note that if an archive contains an infected file, but also non-infected files, the whole archive will be removed.

Best regards,
Anders

Thanks. "Hang" was a poor word choice. I meant that it paused and waited for user action not that it actually hung or froze.

The problem was my fault. :-[ I had files and runtime packers set to clean, if uncleanable then delete and place a copy in quarantine. I thought I had archives set the same way. Your post got me to double check and when I did I saw that I had archives set to clean, if uncleanable then to notify/ask. No wonder NOD32 stopped and waited for me to do something. I feel rather dumb at the moment. :(

I still would like to know though why NOD32 calls four of them "ACTIVE" when all of them are zipped and are actually "INACTIVE." Plus, why does it call only four of them active and not the others? (It does this if I scan with it set to notify/ask if the virus in an archive is uncleanable).