help... nod32 caught some kinda trojan at legit site

Discussion in 'NOD32 version 2 Forum' started by Thrall, Nov 23, 2004.

Thread Status:
Not open for further replies.
  1. Thrall

    Thrall Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    2
    Hello all,

    This is my 2nd day using NOD32, like it a lot so far. I was browsing on a reputable (I think) gamesite and NOD32 detected a trojan right as a page was loading. It said it was not able to clean it, so I clicked to quarantine it. Here is what the virus log now says:

    Time Module Object Name Virus Action User Info
    11/22/2004 22:54:07 PM IMON archive http://launch.gamespyarcade.com/software/launch/alaunch.cab... Win32/TrojanDownloader.SpyGame.A trojan quarantined - connection terminated

    I added 3 dots at the end of that web address just in case somebody clicked the link accidently...

    Anybody know what this means? What does it mean when a virus is quarantined? Do I need to delete the file? Any possiblity it can become un-quarantined?

    Sorry If I sound like a newbie, I am... I'm kinda concerned though.

    I did run a full local disk scan and NOD32 didn't find any viruses.

    Thanks in advance,

    Thrall
     
  2. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    First off relax, NOD did it's job, the connection was terminated so the trojan did not execute, A copy might have been saved in a folder called Infected in your Program Files/Eset folder, no it cannot be executed as Nod should have renamed it.

    Other than that relax, NOD protected you, and I would advise against visiting that site, at least for awhile.
    You can check the drive you installed Nod into, usually C://Program Files/Eset for a folder called Infected and delete any files, or go into the Control Center( that little green and white icon and go the NOD32 System tools and there is the Quarantine folder there also, highlight any files there right click and select delete, if you prefer to do it that way.
     
  3. Thrall

    Thrall Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    2
    That makes me feel a lot better. Thanks for the quick reply, Flyrfan111. :D

    I may of gone a little overboard, but after I posted that I went into safemode and did another scan, nothing... So I guess I'll go and delete that quarantined file.

    I definintly will not be going back to that site.

    I tried to look up that virus on the eset website but it wasn't listed. Do you think it is a new virus? Should I report it?

    Again, thanks for the speedy reply :D

    Thrall
     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Thrall, welcome to Wilders. If Nod stopped it at the front door then it will be in its database, if you have a look in your virus/event logs it will list the name of the trojan, this can be found in the Control Centre as per screen shot...

    Hope this helps...

    Cheers :D
     

    Attached Files:

  5. arrowsmithmidwest

    arrowsmithmidwest Registered Member

    Joined:
    May 12, 2004
    Posts:
    165
    Location:
    Midwest
    Better to be safe than sorry.
     
Thread Status:
Not open for further replies.