To my surprise for the first time an on-demand full scan found a virus (win95/sk) and not only that, it found it in an old file (a game, an extracting exe-file). I was/am quite sure it was a false positive and I scanned only the file, but nod froze on it. Then I unpacked it and scanned the unpacked game and it was clean. Then in my everlasting wisdom I changed the extension to .zip and somewhat later an amon-screen told me there was an infection , but all the options where unavailable, so I closed the screen and found out nod had deleted the file and it also wasn't in quarantaine. Ok, no harm done, because I still have the unpacked one. The question is: I've setup Amon good, it must give me action options, move newly created files to quarantaine and ISN'T allowed to clean automatically so ehm I can't see what I did wrong and must therefor the conclusion be that NOD32 screwed up?
Well , that's very nice of course, but doesn't answer my question. The problem isn't the FP, but the fact nod deleted a file which it, as far as I understand, isn't allowed to do.
With default settings, AMON automatically moves newly created files reported as infected to quarantine.
Yes - see the lower screenshot - you set AMON to move newly created files to quarantine which means they will be removed from the original location.
Strange. I don't know why it went wrong, but it has always been this way, only then it were infected files so I didn't give it a second thought. hmm . Maybe someone has an idea...?
Strangely enough "c:\Program Files\Eset\infected" isn't present on my pc and I can't add files to quarantaine and when I scan the eicar.com file and tick quarantaine and choose delete it says there's an error quarantaining. I will uninstall/install nod later and see what happens.
Well, i've tried to get the quarantainefunction back by changing the nodsettings and disabling other securityapps and also i've made a folder named "infected" in the esetfolder, but it didn't help so I got a fresh nodcopy and installed that one and now everything works fine. I don't know what made this happen, but I will check it "frequently" to see if it goes wrong again and then maybe I can find the reason.
You're absolutely right SSK! I found it in my JV16-backups. I allready thought about "remove junk files" and "find empty folders" of Ace Utilities, but when the first would have mistakingly found it (why would it??) I would have noticed and the latter I don't use, but still I had a vague memory of some Eset/quarantine-thing being found somewhere. I would never have guessed it was in the registrycleanerresults and the problem was caused by cleaning the registry...the folder is there so why remove the key?...or... the folder isn't there so there's no key to remove...but that's where I went wrong. When you install Nod32 the infected-folder isn't there but the key is. The folder is created when the first file is quarantined so when you use a registry cleaner before the creation the key is removed and the folder will never be created. You could say that's a mistake made by the registrycleaner, but the folder isn't there so you can't call that a mistake, or by the user who isn't paying enough attention , but it can be solved easily, I guess, by Eset, by creating the folder when installing Nod32 or by creating the key when the folder is created.
Nice write-up You can exclude the key in JV-16 by selecting it and use right click - never show again.
Yes, I know, it's indeed a nice write-up. I solve it by after installing adding and removing a file to quarantine btw, but your solution is also good of course.
To make a long story short, I don't use JV-16 at all and I never have used it and I had the same problem with the 'infected' folder not being there.
Why exclude it, rather than just creating the directory, so registry cleaners won't find a missing directory? Start > Run > cmd /c mkdir "C:\Program Files\Eset\infected" > OK I'm not a fan of registry cleaners--as we see here and so often, they cause nothing but harm--but in this case, it's doing exactly what you've asked it to do.