strange quarantine operation?!

That's good to know about KAV as if Eset doesn't fix this I intend to trial KAV but not if it didn't give me an option to actually quarantine rather than copy. (Of course, what I want and hope will happen is that Eset will fix this before the end of October when I will need to renew).

I also hope that Eset will fix this because when you encounter a zipped virus when running NOD32 on demand scanner, clean and delete are greyed out. If there was a proper quarantine then the zipped file would be moved to quarantine where it could be left for ever which is probably what the vast majority of users would opt to do. As it is now, the user is forced to unzip the file IN PLACE....not in safe quarantine and let AMON deal with it (unless you want to just delete it without trying to see if it can be cleaned). The average user is going to be very nervous about doing this and I don't blame them. I would have been also a couple of years ago. I know a lot more now but I'm not an average user either.

Further, anyone doing an EICAR test is going to have a big problem! EICAR2.zip cannot be renamed or deleted by AMON. At least not on this XP Pro Sp1a box. I just get into an endless deadlock with AMON alerting and then saying an error has occured and it cannot clean so I try to rename....same thing...I try to delete...same thing. Now if AMON behaved liked this with a REAL virus that could harm my computer I would be furious and I would have another av quickly! Because this is the very sort of dangerous situation that should never, ever be allowed to occur. If this infected file when found on NOD32 scan had been SENT to quarantine and I went to that SAFE place to unzip and see if it could be cleaned and these errors occured that would not be a potential disaster. The way it is now, if this had been a real virus and AMON generated these error messages and I have a live virus unzipped in non quarantine territory on my box and I can't even delete it....WHOA!!!

I think fixing quarantine should be Eset's number one priority.

 

Re:strange quarantine operation?1

I personally wouldn't want every infected file moved to a quarantine folder. Then have to go to quarantine to deal with it?

 

Re:strange quarantine operation?1

Have to disagree, I want Nod to have a go at it first, and in this order:

CLEAN.
If unable to clean, then DELETE.
If unable to delete, then QUARANTINE, as in isolate the file so it can not harm my system, as well, I want it to advise me this action (quarantine) has occured.

And that's how I percieved Nod was handling infections, only to find Eset have tried to produce a new meaning for the word Quarantine. They really need to look at the dictionary meaning and adhere to it, or change the word they are currently using to "Copy".

Cheers

 

While I agree with the views that NOD32's implementation of quarantine is undoubtedly different to others, and clearly 'wrong' in the sense of the word, in general the correct behaviour can be obtained by configuring its on-demand scanner to clean+quarantine then delete+quarantine.

If Eset are unable or unwilling to understand why people should want quarantine to behave in a 'correct' way, then at least they could set NOD32's defaults to mimic this (by the above settings). That, I believe, would go a long way to satisfying most.

The real problem, though, as I see it is that NOD32 is unable to deal with viruses in zip files. This I find completely inexcusable. Technically, it is a straightforward matter to extract and/or delete files from zip archives (and other archive formats) - provided they are not password-protected - leaving the rest of the archive intact. There are any number of zip/unzip components available to developers, irrespective of the programming language and development tools they use, and their use would in no way lead to bloat in NOD32.

If they fixed this, at least Mele20's concerns would be resolved.

 

Re:strange quarantine operation?1

Hi Blackspear,

Mele20 had posted, "The infected file should be automatically transferred to quarantine every time. This should be an ironclad rule. You then go to quarantine and deal with it there".

I was just posting that I don't think every infected file should be moved to quarantine. I also try the Clean and then the Delete first.

I just don't think it should be an "ironclad rule" that all infected files are transfered to quarantine.

 

Appologies, misread your post Stan999

As said, the only time I want it moved anywhere is to a isolation area (quarantine), and only if it can NOT be cleaned or deleted.... Otherwise you will have the general public hunting around for infected files that have "disappeared", no idea where it went...it was there one minute, and gone the next... HELP!!!!!

Cheers