Quarantined Malware... now what?

[Guest]

[sreaction]

Malware[at]#34off9k7jm08f C:\System Volume Information\_restore{2D07FD2C-EAEA-4C5D-B012-81E8D54495F8}\RP49\A0002924.dll

The above is malware that was quarantined. I deleted it ran another scan and it have no  more negative results. Usually, AV software has a link for a descriptive summary of the revealed malware. Does CIS not have that function? Also, prior to removal, I scanned with Malwarebytes and its scan turned up nothing. Not sure if this is a false positive. However I cant tell since I cant find any info on the suspicious file. Any help clarifying what the above is will be appreciated.

[Maniak2000]

CIS \ Comodo  doesn't have  virus encyclopedia or something similar that I know about.

System Volume Information is a folder where  Windows restore points are located,  so you might want to clear those and create a new system restore point.

[sreaction]

Yeah I figured it had something to do with system restore. I turned system restore off shortly after I got the malware notification. I usually don't even have it on so its not a big deal.

[upholder]

Another issue with System Restore...

[EricJH]

Another issue with System Restore...

What issue? If malware gets caught in System Restore make sure to open the System Restore folders and the av can remove it. This KB article describes how to do this: http://support.microsoft.com/kb/309531 /

[upholder]

Obviously, most users will know what System Restore is.
Obviously they will know how to deal with such a simple thing.

[EricJH]

Obviously, most users will know what System Restore is.
Obviously they will know how to deal with such a simple thing.

One catches flies with syrup not with vinegar. Or in the high tech age one catches answers with Google..... 

[upholder]

Or in the high tech age one catches answers with Google..... 

Or one has the machine messed about, which is what worries me.

And it does worry (last install of CAV was a mess).

[EricJH]

Or one has the machine messed about, which is what worries me.

And it does worry (last install of CAV was a mess).

Could you elaborate on this?

[upholder]

Could you elaborate on this?

Yes, I can.
The usual default settings were up side down (on two installs the settings will be different from each other and from what they were supposed to be). The GUI was unresponsive (it wouldn't close, for a start). My manual options wouldn't stick...
This happend twice in the space of 10 days (CAV 5.10).

The impression from an end user point of view is that of an amateurish approach (not mine).

My machine just had an Image backup restore; no chance of infections/conflicts... so forth.

[upholder]

Eric...
Why is CAV installer behaving randomly?
I'm using NAV at the moment, and not taking the risk at another faulty CAV installl.

Could you elaborate on this?

[EricJH]

I am not sure what could be causing it.

Usual suspects would be left overs of previously installed security programs or currently installed security programs. But if that is not the case and it is reproducible then I would ask to file a bug report so the Comodo devs can take a closer look at it.

[upholder]

I decided to give CAV another go and so far so good.
Strange about the previous behaviour, it is the same machine and I'm a very careful user.
Anyway, that's software for you...

Thanks for your attention Eric.

[Tags:]