Author Topic: Quarantined Malware... now what?  (Read 4173 times)

Offline sreaction

  • Newbie
  • *
  • Posts: 3
Quarantined Malware... now what?
« on: April 10, 2012, 09:16:44 PM »
Malware[at]#34off9k7jm08f C:\System Volume Information\_restore{2D07FD2C-EAEA-4C5D-B012-81E8D54495F8}\RP49\A0002924.dll

The above is malware that was quarantined. I deleted it, ran another scan, and it had no more negative results. Usually, AV software has a link for a descriptive summary of the revealed malware. Does CIS not have that function? Also, prior to removal, I scanned with Malwarebytes and its scan turned up nothing. Not sure if this is a false positive. However, I can't tell since I can't find any info on the suspicious file. Any help clarifying what the above is will be appreciated.


Offline Maniak2000

  • Comodo's Hero
  • *****
  • Posts: 502
Re: Quarantined Malware... now what?
« Reply #1 on: April 11, 2012, 01:19:57 AM »
CIS \ Comodo doesn't have a virus encyclopedia or something similar that I know about.

System Volume Information is a folder where Windows restore points are located, so you might want to clear those and create a new system restore point.

Offline sreaction

  • Newbie
  • *
  • Posts: 3
Re: Quarantined Malware... now what?
« Reply #2 on: April 11, 2012, 03:13:47 AM »
Yeah, I figured it had something to do with system restore. I turned system restore off shortly after I got the malware notification. I usually don't even have it on so it's not a big deal.

Offline Upholder

  • Comodo Family Member
  • ***
  • Posts: 74
Re: Quarantined Malware... now what?
« Reply #3 on: May 04, 2012, 05:10:41 PM »
Another issue with System Restore...
Happy people are here to deceive us

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 19276
Re: Quarantined Malware... now what?
« Reply #4 on: May 04, 2012, 05:23:14 PM »
Another issue with System Restore...
What issue? If malware gets caught in System Restore make sure to open the System Restore folders and the av can remove it. This KB article describes how to do this: http://support.microsoft.com/kb/309531

Offline Upholder

  • Comodo Family Member
  • ***
  • Posts: 74
Re: Quarantined Malware... now what?
« Reply #5 on: May 04, 2012, 06:36:34 PM »
Obviously, most users will know what System Restore is.
Obviously they will know how to deal with such a simple thing.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 19276
Re: Quarantined Malware... now what?
« Reply #6 on: May 04, 2012, 07:54:46 PM »
Obviously, most users will know what System Restore is.
Obviously they will know how to deal with such a simple thing.
One catches flies with syrup not with vinegar. Or in the high tech age one catches answers with Google.....  ;)

Offline Upholder

  • Comodo Family Member
  • ***
  • Posts: 74
Re: Quarantined Malware... now what?
« Reply #7 on: May 04, 2012, 08:57:01 PM »
Or in the high tech age one catches answers with Google.....  ;)
Or one has the machine messed about, which is what worries me.

And it does worry (last install of CAV was a mess).

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 19276
Re: Quarantined Malware... now what?
« Reply #8 on: May 05, 2012, 10:49:41 AM »
Or one has the machine messed about, which is what worries me.

And it does worry (last install of CAV was a mess).
Could you elaborate on this?

Offline Upholder

  • Comodo Family Member
  • ***
  • Posts: 74
Re: Quarantined Malware... now what?
« Reply #9 on: May 05, 2012, 07:18:24 PM »
Could you elaborate on this?
Yes, I can.
The usual default settings were upside down (on two installs the settings will be different from each other and from what they were supposed to be). The GUI was unresponsive (it wouldn't close, for a start). My manual options wouldn't stick...
This happened twice in the space of 10 days (CAV 5.10).

The impression from an end user point of view is that of an amateurish approach (not mine).

My machine just had an Image backup restore; no chance of infections/conflicts... so forth.

Offline Upholder

  • Comodo Family Member
  • ***
  • Posts: 74
Re: Quarantined Malware... now what?
« Reply #10 on: May 08, 2012, 04:19:00 PM »
Eric...
Why is CAV installer behaving randomly?
I'm using NAV at the moment, and not taking the risk at another faulty CAV install.

Could you elaborate on this?

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 19276
Re: Quarantined Malware... now what?
« Reply #11 on: May 08, 2012, 08:03:21 PM »
I am not sure what could be causing it.

Usual suspects would be left overs of previously installed security programs or currently installed security programs. But if that is not the case and it is reproducible then I would ask to file a bug report so the Comodo devs can take a closer look at it.

Offline Upholder

  • Comodo Family Member
  • ***
  • Posts: 74
Re: Quarantined Malware... now what?
« Reply #12 on: May 16, 2012, 04:31:44 PM »
I decided to give CAV another go and so far so good.
Strange about the previous behaviour, it is the same machine and I'm a very careful user.
Anyway, that's software for you...

Thanks for your attention Eric.