Threat log question

Discussion in 'NOD32 version 2 Forum' started by pemar, Oct 4, 2006.

Thread Status:
Not open for further replies.
  1. pemar

    pemar Registered Member

    Joined:
    Oct 4, 2006
    Posts:
    31
    Location:
    Winnipeg, Canada
    Hello all,
    I have installed NOD32 and have run the scan. It has detected 3 threats - one active. In quarantine log I have now one phishing e-mail, the threat log however is empty. Shouldn't the infected files show up in threat log?
    Unfortunatelly I cannot find red (or orange) entries in scan log (I have selected "list all files" - my mistake).
    Could you explain to me when threat log shows infected files?
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi pemar, welcome to Wilders.

    Please check your settings against those HERE

    After this run a scan by following these steps:

    1. Click on the NOD32 Control Centre (Green and White split square on the bottom right hand corner of your computers screen).
    2. Click on NOD32.
    3. Click on Run NOD32.
    4. Click on “Scan and Clean”.

    Let us know how you go...

    Cheers :D
     
  3. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    The Threat log shows infected files when they are caught in real time by the AMON, DMON, IMON, or EMON modules. Any threats you find when running the "manual" NOD32 scanner appear in the Scanner log, but not in the Threat log.

    I agree, this can be rather confusing, but this is how it was designed.
     
  4. pemar

    pemar Registered Member

    Joined:
    Oct 4, 2006
    Posts:
    31
    Location:
    Winnipeg, Canada
    Thank you Blackspear and alglove for your answers.
    I have checked all the settings and they are as recommended.
    I understand now how the threat log works.

    One additional question:
    I have run "scan and clean" several times. In scanner logs I see the same files being picked up. They are highlighted in red. I understand that they should be deleted so the next scan wouldn't detect them. In NOD scanner log in column "detected" there is number 3 highlighted and 0 in "cleaned" column.
    The files are from "sent" mail folder (Outlook Express) of spam e-mails I forwarded as the attachment to my ISP to report spam.

    There is also one entry in brown which says that file called sent items.dbx was quarantined. After each scan a new entry, of the same size, shows up in quarantine log with the same reason (HTML/Phishing.gen trojan).

    I am still able to access my "sent" folder and infected e-mails so they don't seem to be deleted or quarantined.
    Am I missing something?

    Thanks again for your help
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    You are welcome.


    As these detections are with Outlook Express you will need to open it up and delete the infected mail from there. This is due to how Microsoft have designed storage for Outlook Express; if NOD32 was to remove an infected .dbx file it will remove the entire folder, so rather than do this you are required to delete it manually.

    Cheers :D
     
Thread Status:
Not open for further replies.