Infiltrations can reach the system from various entry points; web pages, shared folders, via email, or from removable computer devices (USB, external disks, CDs, DVDs, diskettes, etc.).
If your computer is showing signs of malware infection, e.g. it is slower, often freezes, etc., we recommended that you do the following:
- Open ESET NOD32 Antivirus > Computer scan
- Click on the button Smart scan (for more information, see Smart scan).
- After the scan has finished, review the log for the number of scanned, infected and cleaned files.
If you only wish to scan a certain part of your disk, choose Custom scan and select targets to be scanned for viruses.
As a general example of how infiltrations are handled in ESET NOD32 Antivirus, suppose that an infiltration is detected by the real-time file system monitor, which uses the default cleaning level. It will attempt to clean or delete the file. If there is no pre-defined action to take for the real-time protection module, you will be asked to select an option in an alert window. Usually, the options Clean, and No action are available. It is not recommended to select No action, since the infected file(s) would be left untouched. The only exception is when you are sure that the file is harmless and has been detected by mistake.
Cleaning and deleting
Apply cleaning if a clean file has been attacked by a virus which has attached malicious code to the cleaned file. If this is the case, first attempt to clean the infected file in order to restore it to its original state. If the file consists exclusively of malicious code, it will be deleted.
If an infected file is “locked” or in use by a system process, it will usually only be deleted after it is released (usually after a system restart).
Deleting files in archives
In the standard mode, the entire archive will be deleted only if it contains infected files and no clean files. In standard mode, archives are not deleted if they also contain harmless clean files. However, use caution when performing a strict cleaning scan – with strict cleaning the archive will be deleted if it contains at least one infected file, regardless of the status of other files in the archive.