cuccoscratch.com
Topic: Viruses in Quarantine
ZGDK
« on: January 02, 2009, 07:58:34 am »

Yesterday by mistake I got a Trojan-Agent-TDSS and a Trojan-Agent.Gen. My anti-spyware/virus gave me a warning and scanned and quarantined them before they had a chance to do anything, but my question is what should I do with them next? Should I leave them in quarantine or delete them? Is there anything else I should check out to make sure they didn't leave anything behind? I did two full sweeps just in case. My anti-virus is Spy Sweeper with Anti-Virus, and just now when doing a Google search about the trojan, my anti-virus gave me a message that it blocked access to a threatening website even though I hadn't clicked on anything. I did another scan and it picked up another trojan. What should I do? Should I be worried? Everything else seems to be working fine. Should I just go into Safe Mode and delete the trojans?
« Last Edit: January 02, 2009, 08:33:05 am by ZGDK »

Ezekiel 25:17

17 I will carry out great vengeance on them and punish them in my wrath. Then they will know that I am the LORD, when I take vengeance on them.' "
dan
Administrator
« Reply #1 on: January 02, 2009, 11:09:40 am »

go into safe mode and do another scan. chances are the trojan may be running but it's unable to kill it because it's running (you know what windows is like when you're trying to delete files in use/running). in safe mode, nothing's running, so it won't have that problem.
viruses in quarantine are safe. hence why it's called quarantine. the virus-riddled files are stored in some encrypted fashion which ensures they can't be executed, nor decrypted by a virus's counterpart app or something. most viruses that i know of/have come across, come in 2 pieces. these ones are harder to get rid of, because one copy looks after the other, and vice versa. stop one running, the other one restarts it. delete the file before the 2nd, the other will clone and re-start it. generally speaking, the *only* way to get rid of these is in safe mode, when neither copy is running. then it can delete both of them.
i always run a virus scan in safe mode if i know i'm dealing with one. makes detection and removal a lot easier.
what's a better thing to do is to go here http://www.trendmicro.com/download/dcs.asp and download sysclean. create a directory or something on your c:\ drive to copy all this into, because it all extracts itself into about 15 files (plus the pattern files). so keep it all together. then download this http://www.trendmicro.com/ftp/products/tsc/cpr/tsc.zip into the same directory, and extract. before rebooting into safe mode, download and install this too http://www.download.com/Ad-Aware-2008/3000-8022_4-10045910.html?tag=mncol.
now go into safe mode and run the sysclean.com file (.com is a weird .exe). it'll extract into a dos prompt box, then launch a nice window. press "scan now" and leave it do its thing. if anything is left over that your normal av didn't pick up, this will sort it out. then before going back into normal mode, run adaware.

this is a tried and tested technique i used many many times when i was a field engineer. i would execute this process more or less religiously if i was to ever encounter a virus, and it worked pretty much every time. i can only recall once when it didn't work, but there were exceptional circumstances to that one, which i won't bore you with.
hth.
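
An added illustration of the quarantine idea described in the reply above (not part of the original posts, and not Spy Sweeper's real vault format): the file is re-encoded so its executable header no longer matches, stored under a non-executable name with a metadata sidecar, and can be restored only after a hash check. The XOR key, the `.quar` suffix, the function names and the sample bytes are all assumptions constructed for the example.

```python
import hashlib
import json
import tempfile
from pathlib import Path

XOR_KEY = 0xA5  # constructed toy key; real products use their own container formats

def _xor(data: bytes) -> bytes:
    return bytes(b ^ XOR_KEY for b in data)

def quarantine(path: Path, vault: Path, detection: str) -> Path:
    """Replace `path` with an encoded blob in `vault` plus a metadata sidecar."""
    raw = path.read_bytes()
    digest = hashlib.sha256(raw).hexdigest()
    vault.mkdir(parents=True, exist_ok=True)
    blob = vault / (digest + ".quar")       # no executable extension
    blob.write_bytes(_xor(raw))             # header and signatures no longer match
    meta = {"original_path": str(path), "sha256": digest, "detection": detection}
    Path(str(blob) + ".json").write_text(json.dumps(meta))
    path.unlink()                           # the runnable copy is gone
    return blob

def restore(blob: Path) -> Path:
    """Reverse quarantine(), refusing to write a blob that fails its hash check."""
    sidecar = Path(str(blob) + ".json")
    meta = json.loads(sidecar.read_text())
    raw = _xor(blob.read_bytes())
    if hashlib.sha256(raw).hexdigest() != meta["sha256"]:
        raise ValueError("quarantine blob is corrupt")
    target = Path(meta["original_path"])
    target.write_bytes(raw)
    blob.unlink()
    sidecar.unlink()
    return target

def demo() -> dict:
    """Quarantine and restore a constructed, harmless sample file."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "sample.exe"
        payload = b"MZ" + b"constructed harmless bytes, not real malware"
        sample.write_bytes(payload)
        blob = quarantine(sample, Path(tmp) / "vault", "Trojan-Agent.Gen")
        stored = blob.read_bytes()
        result = {"original_gone": not sample.exists(),
                  "mz_header_in_blob": stored.startswith(b"MZ"),
                  "blob_suffix": blob.suffix}
        result["round_trip"] = restore(blob).read_bytes() == payload
        return result
```

Deleting a quarantined item corresponds to removing the blob and its sidecar without calling `restore()`.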
© 2007-2011 cuccoscratch.com and their respective authors. All rights reserved.
Hosted by Bluespider Technical Solutions