After installation of Kaspersky on a windows machine, several trojan viruses where discovered and deleted. Now, I'm looking for a way to retreive those trojans deleted by kasperky. (to export them to a VM for further analysis)
Asked
Active
Viewed 84 times
1 Answers
1
If Kaspersky has given you logs of what it deleted you may be able to undelete the files. The company formerly known as diskeeper has an undelete program which should allow you to find it.
Be sure to temporarily disable Kaspersky or designate a directory that it should ignore to put the files into. Once the files are undeleted you'll need to password zip them up otherwise any time you try to move them around antivirus will want to purge them again.
All that said, unless you are an expert in reverse engineering/assembly hacking this doesn't seem like a safe thing to do.
Jean-Michel Florent
- 140
- 2