NOD32 Archive Virus Detection Problems

Discussion in 'NOD32 version 2 Forum' started by Kal525, Feb 17, 2005.

Thread Status:
Not open for further replies.
  1. Kal525

    Kal525 Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    2
    I just purchased NOD32 due to the very good reviews it seems to have gotten. I have read through the configurations post on this forum and configured everything as instructed, however there seems to be some weakness when scanning archives (yes, scan archives is ticked everywhere I could find it).

    Here is what happens: When I run a deep-scan it detects a virus in a .rar archive and doesn't prompt me to do anything. When the scan terminates I click on clean, but the only option not grayed out is "leave alone" So the only way I can delete the virus is to do it manually. Why is this? I would expect a pop-up and a red flag yelling at me telling me I have a virus, but it's so subtle I almost missed it.

    The only time I do get a popup telling me a virus was detected is when I extract the archive and it scans the virus file within that archive as it is extracted.

    Any ideas why this is happening, it'd be great to at least be able to have NOD32 delete a virus it detects in deep-scan even if it's embedded in an archive, to be able to delete the entire archive.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,084
    Location:
    Texas
    Kal525

    Welcome to the forums.

    From the NOD support page.

    This situation may occur under the following circumstances during a scan with NOD32 scanner:

    1. the virus was detected in an archive
    NOD32 is not capable of taking actions on the files within an archive. Therefore, please delete the whole archive manually if it contains only the virus, or use the appropriate unpacker such as WinZIP, WinRAR, etc. to delete the particular infected file in case the archive contains also other non-viral files.
    2. the virus was detected in an Outlook Express DBX file
    Since no program except Outlook Express is capable of intervening in DBX files, please identify and locate the particular email in Outlook Express according to the sender, date of sending, subject, etc. and delete it manually. If you use IMON, there's no chance a virus would get into the DBX file unless you don't take any action when prompted by IMON.
    3. the virus was detected in a UPX-packed exe or dll file via the NOD32 on-demand scanner
    Please send the infected file to samples@eset.com and locate and delete it from the disk manually.


    http://www.nod32.com/scriptless/support/ans/9k.htm

    http://www.nod32.com/scriptless/support/nodfaq2.htm
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.