AMON and Quarantine


Blackspear
September 26th, 2004, 07:03 AM
I have just noticed, there is no setting available in AMON for Quarantine of a file upon detection of an infection.

I am wondering as to why this is so, and when will it be remedied?

As well, when it is implemented, shouldn’t it be ticked by default for safety reasons?

Cheers ;D

rumpstah
September 26th, 2004, 03:34 PM
That would be a good piece. I also asked for an option if not cleanable, then delete (which I thought would have been implemented in 2.12.2). Quarantine would be nice in case it was a valid file that was cleaned or deleted.

Clean automatically in AMON does not at this point delete an infection, but only cleans the file if it is cleanable of the code added to the file in question.

For users that are not familiar using NOD32 and the Clean automatically option has been set, the file will not be deleted, since it can not be cleaned (the malware itself) it is left without further user interaction.

Clean or delete automatically would seem to be a better choice (with Quarantine).

{QUOTE-> I have just noticed, there is no setting available in AMON for Quarantine of a file upon detection of an infection.

I am wondering as to why this is so, and when will it be remedied?

As well, when it is implemented, shouldn’t it be ticked by default for safety reasons?

Cheers ;D <-QUOTE}

bigc73542
September 26th, 2004, 03:41 PM
By ticking the top option it should give you the option to quarantine. I have not been infected so I can not say for certain what options it offers, but it should offer quarantine. At least all of the other antivirus programs I have used offered that option.

bigc73542
September 26th, 2004, 04:02 PM
After a little more looking I see that quarantine in AMON is definitely absent.

Blackspear
September 26th, 2004, 04:19 PM
{QUOTE-> After a little more looking I see that quarantine in AMON is definitely absent <-QUOTE}
Yes, and I think this needs to be addressed fairly quickly, just as a safety factor. Also Quarantine should by default be ticked on everything, there would be less chance of a slip up if it was done this way, as well when a new user panics (and this is usually what happens – it is understandable) and deletes a file there is a backup, and if asked they can send the file to Eset...

Another one that Rumpstah has brought up that also should be added is quarantining files by command line, again another safety factor...


Cheers ;D

Howard
September 26th, 2004, 04:34 PM
{QUOTE-> After a little more looking I see that quarantine in AMON is definitely absent <-QUOTE}

True, but your initial suggestion and suspicion is, nevertheless, correct. If 'Prohibit access and display alert window with action selection' is the option configured in AMON's setup, then when AMON detects a virus its alert window does offer quarantine as an option and it works as advertised. Below is the result of a test I carried out to check:

26/09/2004 21:16:11 AMON file C:\Documents and Settings\[user name]\Application Data\Mozilla\Profiles\default\xxxxxxxx.slt\Cache\6FD8DA13d01 VBS/TrojanDropper.Zerolin.A trojan quarantined - deleted

bigc73542
September 26th, 2004, 06:12 PM
I am glad to hear that it does at least offer quarantine in that configuration.

Blackspear
September 26th, 2004, 06:17 PM
{QUOTE-> True, but your initial suggestion and suspicion is, nevertheless, correct. If 'Prohibit access and display alert window with action selection' is the option configured in AMON's setup, then when AMON detects a virus its alert window does offer quarantine as an option and it works as advertised... <-QUOTE}
I seem to remember that now, still would be safer to have everything in all modules set to Quarantine by Default, I can not see a downside to this, and if somebody wants to lower their safety it is their choice to do so...

Cheers ;D

Howard
September 26th, 2004, 07:14 PM
{QUOTE-> I seem to remember that now, still would be safer to have everything in all modules set to Quarantine by Default, I can not see a downside to this, and if somebody wants to lower their safety it is their choice to do so... <-QUOTE}

I agree completely with what you are saying and I was somewhat surprised to discover that Quarantine was not on by default for all modules. Hopefully this is nothing more than an oversight that can be quickly remedied.

rdsu
September 26th, 2004, 08:08 PM
I never noticed that, but it could be a nice feature to add... ;)