NOD32 and Deleting found viruses

T

tully

I've recently started using NOD32 antivirus, switching over from Norton AV
2004. I like it and the fact it seems to do a pretty thourough job and
doesn't tend to slow my computer down as drastically as Norton did. My only
problem with this scanner is the fact it hardley ever gives me the option to
delete, or clean a virus. I'm not sure if that is the way it works or what.
For example I downloaded the Eicar test virus, and let NOD32 find it, just
to get a feel of what it does and how it detects. I am seeing tho when it
finds this virus and alerts me about it I get this disturbing message. ..

eicar_com[1].zip is infected with test file Eicar. NOD32 cannot clean this
infiltration.

Then I have only one option, and that is the Leave button, clean rename
delete and replace are all blacked out. If this is normal could someone let
me know why this is? I'm sure there has to be some explaination behind it.
TIA.
 
C

Clive

tully said:
I've recently started using NOD32 antivirus, switching over from Norton AV
2004. I like it and the fact it seems to do a pretty thourough job and
doesn't tend to slow my computer down as drastically as Norton did. My only
problem with this scanner is the fact it hardley ever gives me the option to
delete, or clean a virus. I'm not sure if that is the way it works or what.
For example I downloaded the Eicar test virus, and let NOD32 find it, just
to get a feel of what it does and how it detects. I am seeing tho when it
finds this virus and alerts me about it I get this disturbing message. ..

eicar_com[1].zip is infected with test file Eicar. NOD32 cannot clean this
infiltration.

Then I have only one option, and that is the Leave button, clean rename
delete and replace are all blacked out. If this is normal could someone let
me know why this is? I'm sure there has to be some explaination behind it.
TIA.
Click to expand...
Noticed the same problem - you very rarely get a satisfactory 'option' to
remove or clean a found virus. See my post earlier on.

I'm now testing AVG 7.0. This is not slowing my system down (the same as
NOD32), but gives more options when/if a virus is found (including the Eicar
test virus).

Clive
 
J

Jeffrey A. Setaro

I've recently started using NOD32 antivirus, switching over from Norton AV
2004. I like it and the fact it seems to do a pretty thourough job and
doesn't tend to slow my computer down as drastically as Norton did. My only
problem with this scanner is the fact it hardley ever gives me the option to
delete, or clean a virus. I'm not sure if that is the way it works or what.
For example I downloaded the Eicar test virus, and let NOD32 find it, just
to get a feel of what it does and how it detects. I am seeing tho when it
finds this virus and alerts me about it I get this disturbing message. ..

eicar_com[1].zip is infected with test file Eicar. NOD32 cannot clean this
infiltration.

Then I have only one option, and that is the Leave button, clean rename
delete and replace are all blacked out. If this is normal could someone let
me know why this is? I'm sure there has to be some explaination behind it.
Click to expand...

There is... RTFM.

1) NOD32 like most doesn't clean infected files in .ZIP files. NOD32
could allow the user to delete or rename the .ZIP file but that has it's
own potential pit falls. Suppose there are other important uninfected
files in the .ZIP and a user in classic panicked fashion opts to delete
the .ZIP? Then what?

Malware contained in .ZIP files isn't infectious until it's extracted...
Once it's extracted it can be cleaned (assuming there is a host to
clean), deleted or renamed.
TIA.
Click to expand...

Your welcome. HTH.

--
Cheers-

Jeff Setaro
jasetaro <at> mags.net
http://people.mags.net/jasetaro/
PGP Key IDs DH/DSS: 0x5D41429D RSA: 0x599D2A99 New RSA: 0xA19EBD34
 
D

Duane Arnold

I've recently started using NOD32 antivirus, switching over from
Norton AV 2004. I like it and the fact it seems to do a pretty
thourough job and doesn't tend to slow my computer down as drastically
as Norton did. My only problem with this scanner is the fact it
hardley ever gives me the option to delete, or clean a virus. I'm not
sure if that is the way it works or what. For example I downloaded the
Eicar test virus, and let NOD32 find it, just to get a feel of what it
does and how it detects. I am seeing tho when it finds this virus and
alerts me about it I get this disturbing message. ..

eicar_com[1].zip is infected with test file Eicar. NOD32 cannot clean
this infiltration.
Click to expand...

NOD32 cannot clean this infiltration. Event occured on file creation.

Is the message I got -- Delete or Rename were the options that were
enabled.

The Rename does nothing and retuns one to the Win Zip screen. The Delete
option deletes the start of the file being created off of the machine.

You cannot extract it. That seems stright forward to me.
Then I have only one option, and that is the Leave button, clean
rename delete and replace are all blacked out. If this is normal
could someone let me know why this is? I'm sure there has to be some
explaination behind it. TIA.
Click to expand...

Looks like your on an old version of NOD32.

Duane :)
 
T

tully

Jeffrey said:
There is... RTFM.

1) NOD32 like most doesn't clean infected files in .ZIP files. NOD32
could allow the user to delete or rename the .ZIP file but that has
it's own potential pit falls. Suppose there are other important
uninfected files in the .ZIP and a user in classic panicked fashion
opts to delete the .ZIP? Then what?

Malware contained in .ZIP files isn't infectious until it's
extracted... Once it's extracted it can be cleaned (assuming there is
a host to clean), deleted or renamed.


Your welcome. HTH.
Click to expand...

This does help tremendously, guess I should have looked a little harder than
I did for the answer, makes perfect sense now that I think about. Thanks
again.
 
T

tully

Duane said:
I've recently started using NOD32 antivirus, switching over from
Norton AV 2004. I like it and the fact it seems to do a pretty
thourough job and doesn't tend to slow my computer down as
drastically as Norton did. My only problem with this scanner is the
fact it hardley ever gives me the option to delete, or clean a
virus. I'm not sure if that is the way it works or what. For
example I downloaded the Eicar test virus, and let NOD32 find it,
just to get a feel of what it does and how it detects. I am seeing
tho when it finds this virus and alerts me about it I get this
disturbing message. ..

eicar_com[1].zip is infected with test file Eicar. NOD32 cannot clean
this infiltration.
Click to expand...

NOD32 cannot clean this infiltration. Event occured on file creation.

Is the message I got -- Delete or Rename were the options that were
enabled.

The Rename does nothing and retuns one to the Win Zip screen. The
Delete option deletes the start of the file being created off of the
machine.

You cannot extract it. That seems stright forward to me.
Then I have only one option, and that is the Leave button, clean
rename delete and replace are all blacked out. If this is normal
could someone let me know why this is? I'm sure there has to be some
explaination behind it. TIA.
Click to expand...

Looks like your on an old version of NOD32.

Duane :)
Click to expand...

Yes I didn't even try to extract it, when I did it caught it and let me
delete it, thanks for your input.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NOD32 and Win32/Adware.NdotNet.A, help! 1
NOD32---Found infected .jar file, but only gave me "LEAVE" button 56
File in NOD32 Cache Infected by AdWare.Win32.WinAd.bg 1
NOD32 Version 4.0 ISSUES? Some Privacy Related. 1
NOD32 - False Positive for Hatu Trojan 4
NOD32 missed Java.Nocheat!!?? 2
NOD32 or Kaspersky 5 or ??? 42
Day 3 of NOD32 trial 2

Top