Another Question

Hi again folks,

After taking NOD32 2.5 Beta out for a spin for the last few days I wanted to do a scan. I scanned with NOD and it found nothing. Then I scanned with Bitdefender online. There where 3 instances where NOD popped up with virus alerts (1 is attached) while BD was scanning. NOD said that it quarantined them, but when I opened up the quarantine file there was nothing there. The log lists the 3 viruses, but it says after they were quarantined they were deleted (why even quarantine then??).

I wonder why these where not picked up in the first place?? They were all in the Temp folder. I have the default settings. Have I missed something?? I am still learning about AV's that have more than 2 setting (start and stop LOL) so if this is a basic question, sorry.

 

OK No takers so far. Is it just that basic of a question that you do not want to waste your time on it

Anyways I posted the log. I still don't know why it deleted them. I looked through the settings and it says to quarantine, not delete. The previous sceenshot even says that it will only quarantine, but it did not. Not trying to be a pain, just getting my education.

 

I think we'll have to wait for Marcos to wander along on this one. In the mean time can you please send an email to beta25@eset.sk with a link to this thread.

Let us know how you go…

Cheers

 

Sorry guys, but I don't understand what the problem is. AMON picked up a threat in a temporary folder and deleted it automatically. As of version 2.50, AMON makes a copy of any infected file in quarantine before the file is deleted. You can turn off this feature in the AMON setup - Actions and untick the "Move newly created files to Quarantine" checkbox (not recommended).

 

From mikel108

From Marcos

NOD32 didn't pick up the files until they were being scanned by BitDefender. I think that's what one of his problem is.

 

And the other part was it is NOT in Quarantine.

Cheers

 

The infiltration was detected on newly created file, so it is logical, that this file was not there at the time when NOD32 scanner performed scan of the disk.

 

I for one see those files in quarantine. Am I missing something?

 

It's this part that there is an issue with Marcos:

Cheers

 

I think so, Marcos.

The window shown by mikel is the log, not the quarantine folder itself.

The question seems to be:
-Why did the warnings pop-up during the Bitdefender web-scan and not during the NOD32 full scan? --> My guess, FP's from Bitdefender operations? (after all, the warnings are heuristic detections, right?).

-Why are the files not quarantined (even though NOD says it did)?

 

Mikel108, can you please confirm that you looked for your Quarantine files in the location seen in the following screenshot.

Cheers

 

If I uderstand Marcos right the files were detected, the deleted and a backup copy made that was supposed to be sent to Quarantine.

When I went to look in Quarantine in the GUI there was nothing, which is why I asked about this.

 

Blackspear,
Thanks for the great picture tutorial. I think I found the problem with the files not being listed in the Quarintine GUI. I do not have an infected files folder

 

Well, hows this for a twist. I have added no new programs(except NOD) nor have I run any system cleaners since NOD was put on.

However today I decided it was time to clean my registry. Guess what the cleaner found?? I can find it no where on the system so I am going to reinstall NOD and see if that brings it up. The quaratine may have installed bad (yes/no?).

--------------------------------------------------------------------------
Quote from SSK
The question seems to be:
-Why did the warnings pop-up during the Bitdefender web-scan and not during the NOD32 full scan? --> My guess, FP's from Bitdefender operations? (after all, the warnings are heuristic detections, right?).
--------------------------------------------------------------------------
I think that you are probably right SSK

 

This is created when something is first sent to Quarantine.

This being the case, can you please check settings for AMON, as per screenshot.

Cheers

 

I have all of that checked Blackspear. I guess it did not get sent to quarantine. Thanks

 

I scanned with Bitdefender again today. NOD popped up again. It still did not send them to quarantine like they said. I do believe that SSK is positively right though. I rescanned with BD, only this time I turned off AMON. BD came back with no infections. Must be FP's from AH.