Solved Can Jpeg Image files still be used after an Infection?

captaincranky

My wanton ways have finally led me to the need to reformat.:D

I expect that I downloaded an installer, (or 6), with a zip package from either a tainted site, a movie or some stills.:eek:

This is a root kit infection. AVG free has a root kit tool, which can identify, but not disinfect the infection. (It returns after an alleged cleaning & reboot). All of AVG's detections are in the 1st minute or so of the scan, and all in system 32 files. (atapi.sys & whatnot).

MBAR detects infections, but stalls during cleanup, whether AVG is running or not.

The latest version of M$ "Malicious Software Removal Tool", has no detections.

MBAM is clean, (?), and Spybot issued a couple of FPs, (?*), against a few, "surf Anonymous" .exe installers.

(?*) Claiming "toolbar" as a "PUP". (Surf Anonymous reverts to the system tray when running, and hence gets labeled as a toolbar, I think).

Here's my question: assuming I've deleted all the ZIP packages, and the Jpeg photos are in folders of my making, how good are the chances they themselves are benign? In other words, can I dump any active video content, and salvage the image files alone before I reformat? I've scanned and rescanned these folders and they come up as clean. At one point however, on one particular site, Windows invoked DEP, and since has been tagging every download, (even from formerly trusted sites), with a "zone identifier", and blocking the files.

(It's been years since I've restored the system. I'm thinking it's time to give "C:/" a good old-fashioned enema anyway....;))

This is my 8+ year old eMachines. Perhaps I should retire its number and put something newer on the erotic art circuit....? My habit is to do my banking on another computer, which never comes into contact with files from this computer, so I should be safe there. But, I normally transfer processed files to machines dedicated to imaging work, (via DVD or USB stick), which have no AV or security software of any kind.

FWIW, I've reset Windows to display all file extensions.

I also researched this before I posted, but most all of the information I was able to secure was fairly dated.
 