nightfox1405241487 Posted May 12, 2006

I've always run a tight ship so I very rarely get a virus, but I've got a client who has somehow managed to get some sort of mailer Trojan horse on their computer. HOWEVER, Norton Antivirus has the virus isolated and ready for removal.

From the instruction sheet (I'm assuming they got it from Symantec), they updated Norton and did a full system scan.

The virus shouldn't do anything since Norton has it quarantined, correct?

Now, it may have injected values into the Registry (which is why they want me to do it as they don't know what the registry is, let alone know how to access it and delete values from it). I don't think this will be a problem since I can read the Symantec technical data sheets so the registry is not a problem.

Working on Linux a lot makes me glad I don't have to deal with viruses... man, Windows sucks...

[N]F

miCRoSCoPiC^eaRthLinG Posted May 12, 2006

Yep - if the AV has the virus in quarantine, it totally denies any kind of access to it. Or at least it "should". I cannot speak for every AV out there in the market - but yeah, some of them are pretty callous in that respect.. and somehow they manage to quarantine and isolate the file after it has been infected.. which means the worm has already managed to write itself to the registry. Now these worms go into a file-infecting - registry-writing cycle. You block one file, they jump to another and write themselves to the registry again, pointing to the new file.. The trick is catching it before it manages to infect any critical file.. or right when it's first entering your system.. am happy to say that my own AV - BitDefender - does a damned good job of it. Never had a single problem with it.

Hercco Posted May 14, 2006

Yes, you can't really be sure how well the anti-virus software does the quarantining. The safest thing is to use another tool to make sure. Whenever I've encountered a virus in my Windows system I usually go for several removal tools. That is unless I'm absolutely sure that the virus is trivial for my AV to remove. So I go and read what F-Secure and Symantec have to say about the virus and download removal tools from both (if available) and run them. And then I can have a good night's sleep.

kgd2006 Posted May 15, 2006

I haven't gotten a virus for a while lately, but it seems like my computer has been acting awkwardly for the past week. Norton ran a scan and it looks like I have no virus, but ever since I got the new Windows XP update for IE, I've been having weird startup problems with my computer. For example, my computer will start up normally, but when it's done loading all the taskbar startups, and when I try to open a program like AIM or IE or any other program for that matter, it would have that "hourglass" and nothing would happen. And eventually my computer would get stuck, so the only option for me is to "POWER" shut down. I don't know if that's a virus that snuck its way into my computer but I'm probably going to have to reformat my computer again. If it was caused by the update for XP, I'm going to refrain from further updates because I hate having to reformat my computer with all the stuff I already have on it and have to back up.

sparx Posted May 15, 2006

Not exactly -- the infected files may have been quarantined, but the actual vector - the files that might run resident in memory - might still be hidden away. If the machine is on a network, physically unplug the Ethernet cable. No internet access, and if there is a firewall installed, turn off all internet access.

Now that this machine is isolated from the rest of the world, proceed with the disinfection procedure. Make sure that a backup of the registry is made on separate media (CD / USB flash drive) and then follow the instructions for maximum safety and redundancy.