i'll also say i have bought the dvd of the first film for my inlaws and will be buying the 2nd for them when it come out as this is for them!
anyway, i downloaded a film (for testing purposes, or is it educational) it was in the usual rars format, extracted and inside was another bundle of rars for the same film (warning number 1 ignored) the inside rar was made as a self extracting one (BIG warning number 2) ie still a bundle of rars but the first file is in exe format, i tried to extract it using another random rar file rather than using the first .exe file, not having it, had already scanned it for virus using AVG free no warnings (idiot, idiot, idiot stop now you muppet - you KNOW its dodgy) so i think - ok just go for it there is nothing else visible when you look inside the other rar files.
anyway it seems to be some sort of installation type of extraction, but it stops after the first rar file as it cant find the rest, so i cancel it, look again and try again, still fails - make a quick note of location of temp folder its using, look there folders empty (due to me cancelling the first 2 failed attempts) 3rd time i leave the badlycoded rar extraction hanging and look in the temp folder 2 batch files and something else, so as i am looking at the batch files AVG kicks up warning virus, and another, another - appx 7 or 8 times maybe as i read the batch file i realise what looks like code to pull files from the net
all the rars are PGP'ed using wipe function, the temp folder same, used windows search function for a keyword for name, pgp'ed most of what it found - some i cant as it looks like history data or stuff like that and some files from the prefetch folder that i cant delete
then run AVG for full scan of hard drive, then download spybot S&D install and run, get adaware install & run - oh also used trends online scan, i do reboots for PC between most/all of these programs in case of rootkit install? nothing found till this point, then think for last i will use the monthly MRT from microsoft, get it to do a full scan - it finds something even after all the other just found the usual cookies, spam stuff (that i deleted anyway) it says PWS:Win32/Ldpinch.gen - (scan results) partially removed
i clicks the link as all other were "not infected" takes me to microsoft.com it says its a password stealer, and to run microsofts online scan @ http://safety.live.com/ so i am doing that just now
anyone think i am still at risk?
reason i am asking is that i had an encrypted drive mounted at the time that i do not want the contents stole (were talking financial details here) i dont want to have to scrub ALL that data and start again
someone give me some positive news or any suggestions .........
(sorry this is so long)



Pages in this thread:
Print Thread
deleted