Whether or not the file is actually infected, if NIS detects a virus anywhere it attempts to fix it or, failing that, remove (delete) it. NIS doesn't have any concept of "read only" so it puts it in an unresolved status.

Add to this the fact it's removable media & NIS ends up disabling the drive (emulated or not) in an attempt to protect your system. However, because it recognizes the general location, it doesn't care if the file is still present there. So when you switch out the media NIS can't tell the difference.

Placing a general exception on the file doesn't help because it's removable media. If the file infected was Setup.EXE & it was a FALSE positive, when I put in a file that is infected named Setup.EXE my system will be vulnerable. To set that entire drive to be an exclusion invites the same thing.

Furthermore, because the file is currently listed as "unresolved" whenever a system scan runs it disables my ability to read data from that location.

I've tried working with tech support for more than 4 hours. They told me I need to send it as a false positive but the false positive team wants the file. Of course, the file is not the relevent issue as is the unresolved listing & the fact that media will not be going back into my system ever again.

Any solutions to removing something in "unresolved" status without the False Positive team's assistance?