Eset NOD32 version 4.0.474 always reports the message "archive damaged" on every scan

Discussion in 'ESET NOD32 Antivirus' started by chromebuster, Jun 11, 2010.

Thread Status:
Not open for further replies.
  1. chromebuster

    chromebuster Registered Member

    Joined:
    May 27, 2010
    Posts:
    18
    Hi folks,
    I was wondering something. This little thing has been going on ever since I purchased NOD32 and through the entire time I've had it installed on my laptop. Generally since things are found a lot on my computer, I tend to check the logs to make sure that everything is all right. a common message I see is "archive damaged" when it scans certain folders. in particular, I can name one folder that is scanned and this message comes up on every file with a .chm extension. The folder is located under my external drive under documents>programs>Huge Collection of General computer Ebooks>ebooks. There are many files under that directory, and about 90 percent of them are .chm files. All of those files come up with that message. not only that, but I also get frequent error messages on NSIS installers. One example is on an old version of the installer for AIM, where NOD says "NSIS-Bad Archive". It also happens on Inno-built installers as well. The message is similar to the following: "archive embedded" or "can't read archive". Is this normal? and just to let you know, all of the files work properly, and they have no issues whatsoever opening or closing. If somebody would be so kind as to let me know what the story is, and if I need to do anything, that'd be awesome.

    Thanks.
    Chromebuster
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    did you try the latest 4.2 version in case it works better?
     
  3. chromebuster

    chromebuster Registered Member

    Joined:
    May 27, 2010
    Posts:
    18
    I did, but then I reverted due to an accesibility issue with screen readers where JAWS wouldn't read the listed information in both the quarentine and logs windows of the program.
     
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    when you said a lot of things are found, what are those? If it is malware then the issue you have with archives being damaged could be partly due to it. Otherwise it sounds like a minor issue (still needs fixing)
     
  5. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi chromebuster,

    I would suggest to submit some of these files to ESET.

    A few examples:

    About archive damaged:
    Some weeks ago I got that warning on a firmware file for a Pentax digital photo camera. On advice of an ESET moderator I submitted it and it was quickly fixed.

    About INNO-build install files:
    Yes, that happened to me too. And it is still happening on the installation file of Malware Bytes Anti Malware, latest version.
     
  6. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    NOD's archive module cannot deal with every archive type, some of the compression codecs are proprietary and Eset may not have all necessary licenses to let NOD peek into every archive.
    not sure but there are indications though that NOD is either having a compatibility issue with the 7-zip decompression tool (7-zip.org)or it is trying to make use of it (on WIN 7 64bit), not certain about other decompression applications.

    in particular there seems to be problems with .exe, .msi, .bz2 and .tar.gz archives
     
  7. chromebuster

    chromebuster Registered Member

    Joined:
    May 27, 2010
    Posts:
    18
    Basically it's just stuff that seems to be found by NOD32. Like for instance, the first day NOD scanned my system, it took care of the variant of W97M/Marker that AVG could recognize, but couldn't actually disinfect. That had accidentally been sent by one of my teachers who uses a Mac computer. Most of the other things were just minor issues such as a couple of probably unknowns and then the most serious one was due to the fact that I allowed a trojan through by mistake LOL. all were able to be either quarentined or disinfected, so it seems as if the current issue is just something that needs to be fixed on the part of the staff.
     
  8. chromebuster

    chromebuster Registered Member

    Joined:
    May 27, 2010
    Posts:
    18
    Oops. sorry folks. I didn't see those two replies. You are absolutely right about the types of files that are being affected. But one thing. If the files that are being flagged with error messages, and I've opened them so many times, is it not impractical to send them to Eset seeing that it is not a potential virus, malware, or false positive we're dealing with here? let me know.

    Thanks.
     
  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Surely it's worth sending archives that are not scanned internally for whatever reason to ESET. We'll have a look at them and add support for unpacking them, if possible. Feel free to post a link to at least one such file here.
     
  10. chromebuster

    chromebuster Registered Member

    Joined:
    May 27, 2010
    Posts:
    18
    You say to post a link to one of the files. Should I just attach it over here on the post? Or should I put it up onto a place like sendspace or something like that? I think it'd seem strange to send it per the instructions since the files are not infected at all, just not recognized. Let me know what you want me to do. Thanks.

    Chromebuster
     
Thread Status:
Not open for further replies.