NOD32 interrupted in middle of In-Depth Scan

Discussion in 'NOD32 version 2 Forum' started by Carbonyl, Jul 5, 2009.

Thread Status:
Not open for further replies.
  1. Carbonyl

    Carbonyl Registered Member

    Joined:
    May 19, 2009
    Posts:
    256
    Hello.

    Yesterday I had a bit of a peculiar happenstance, and decided this morning to do an In-Depth analysis of my computer with NOD. I am running v2.7 for compatibility reasons, and cannot run the later versions. I am also running XP SP3.

    The In-Depth analysis progressed fine for a while, but at a midpoint along the scan, the scanner seemed to get 'stuck'. It was analyzing the same file for a long while, and CPU usage was pegged at 50%. Then, Windows Security Center popped up, telling me that no AntiVirus was installed on my computer!

    To be absolutely clear here: The security center made NO warning of this when the computer was started, or before the scan. It was only AFTER the scan was in progress that it made this warning. This leads me to believe some nasty program responded to the In-Depth analysis by crippling NOD32.

    When I rebooted the computer and rescanned in Safe-Mode, it found nothing. Rebooting into normal windows and re-running an In-Depth analysis progressed smoothly and found no infections, nor did it hang, nor did Windows Security Center pop up a warning. It seemed the second run through didn't have that problem.

    Should I regard this as a one-time fluke? Or is this to be regarded as something far more sinister, like a rootkit? Any advice would be appreciated. Thank you.
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    what was that file? otherwise a one off occurrence, sounds like
     
  3. Carbonyl

    Carbonyl Registered Member

    Joined:
    May 19, 2009
    Posts:
    256
    If I recall correctly, it was a file named 'file0052.bin', which was being scanned inside of a compressed installer from GOG.com (Good Old Games - a retro gaming company I consider legit). These installers have been on my computer for many months now, and were thoroughly scanned upon download and many times since then - but I suppose that polymorphic infections can branch out unexpectedly.

    Rescanning the entire directory where the file was stored after rebooting the machine yielded no suspicious results, strangely. And a subsequent In-Depth analysis scanned it without difficulty.
     
  4. BTIsaac

    BTIsaac Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    46
    Unusual things may occur during archive scans. This sounds more like a bug than anything else.
     
Thread Status:
Not open for further replies.