Seriously pissed off with computers right now

[Gamingphreek]

First let me say I am pissed off at myself more than the computer because I should know better than this

So last night I downloaded a tool that was supposed to retrieve my Serial # for my Purevideo installation.

I didn't trust it (Google didn't trust the site) so I scanned it with Windows Defender as well as Symantec Antivirus Corporate Edition before I executed it. I immediately regretted it as trojan, backdoors, spyware, adware EVERYTHING came shooting out of it.

I managed to get everything under control (Antivirus ran for about 2 hours straight, as well as Data Execution Prevention, Defender, and Malicious Software Removal tool), but it royally screwed up my OS files and now .dll's are missing and I am getting error messages left and right.

I have about 50 Gig of Recorded Movies, Music, and Pictures (Obviously 98% movies). Can someone tell me what the fastest way would be for me to get those off of my computer so I can begin the long tedious process of reformatting and reinstalling.

I can transfer them over the network, but at 100Mbps it is painfully slow; is there anyway I can do it faster??

-Kevin

 

[Rike]

Bummer.

Do you have portable drive handy?

You could run some files over the network and some on a portable HD. It might speed things up.

 

[SonicIce]

this remids me of an episode of Reboot where the kid didn't want to wait a whole second for something to process so he took drastic measures. "That could take a whole second!"

anyways 50 gig will take about 142 mins on 100mb

 

[Gamingphreek]

Originally posted by: SonicIce
this remids me of an episode of Reboot where the kid didn't want to wait a whole second for something to process so he took drastic measures. "That could take a whole second!"

anyways 50 gig will take about 142 mins on 100mb

Ugh...ok well I have a USB 2.0 HDD enclosure handy. Would zipping the files into two seperate files groups and then moving one over the network and one over the USB drive be faster?

(I have NCQ enabled and am also running a RAID-0 array, so IO, I would think, should be fine when transferring them to 2 separate places).

-Kevin

 

[Rike]

It should work fine. In theory, the bottleneck is the network and the USB 2.0, not the HD's that are being read.

 

[Gamingphreek]

Hooking the Mobile Enclosure up via IDE Ribbon cables would be faster than either solution correct?

I think I'll just yank this drive out and go from there.

-Kevin

 

[cubby1223]

Originally posted by: Gamingphreek
Ugh...ok well I have a USB 2.0 HDD enclosure handy. Would zipping the files into two seperate files groups and then moving one over the network and one over the USB drive be faster?

Nope. You'll just waste a ton of time in the archiving process, which will give you very minimal gains if any. Most all audio, video, and image files are already in compressed format and can't be compressed any further with archiving tools.

If you want to give it a shot, do a repair install of Windows. Worst thing that happens is that you cannot get Windows to load but all the data files are still on the drive - so you can always hook it up as a slave onto another computer to copy files.

 

[DaveSimmons]

This thread should be marked for use as an example of why you keep your OS and bulk data in separate partitions.

(roll film strip):

"See Timmy, if you plan to download and run a trojan hive, with separate partitions it will only FUBAR your C: partition, and all of the pr0n on your D: partition will still be safe when you fire up Ghost or Acronis to restore your last image of the C: partition."

"But I don't have an Acronis image backup!"

(bludgeon, bludgeon, bludgeon) "Sorry Timmy, you were just too stupid to live."

(film strip ends)

First let me say I am pissed off at myself more than the computer because I should know better than this

Understanding that you have a problem is the first step in your recovery

 

[Gamingphreek]

Originally posted by: DaveSimmons
This thread should be marked for use as an example of why you keep your OS and bulk data in separate partitions.

(roll film strip):

"See Timmy, if you plan to download and run a trojan hive, with separate partitions it will only FUBAR your C: partition, and all of the pr0n on your D: partition will still be safe when you fire up Ghost or Acronis to restore your last image of the C: partition."

"But I don't have an Acronis image backup!"

(bludgeon, bludgeon, bludgeon) "Sorry Timmy, you were just too stupid to live."

(film strip ends)

First let me say I am pissed off at myself more than the computer because I should know better than this

Understanding that you have a problem is the first step in your recovery

Haha. I tried that at first, but I just hate having to install my games and stuff to a completely separate drive...I like to keep it simple.

This is really the first time this has ever happened. I'm 18 and I built my first computer by myself at age 8. In 10 years I guess I am allowed to be a complete and utter moron at least once lol.

Would setting it up via IDE ribbon cable make it any fast??

-Kevin

 

[Bozo Galora]

if you had system restore on, all you would have to do is a rollback to before the virus attack

 

[regnez]

Originally posted by: Bozo Galora
if you had system restore on, all you would have to do is a rollback to before the virus attack

yup

 

[Gamingphreek]

No I dont think so. System restore just rolls back the registry to the way it was before. I don't believe it does anything else. I could be wrong though.

Should I hook up the IDE HDD as opposed to Network or SATA.

-Kevin

 

[Bozo Galora]

yeah, you could be wrong

file extensions monitored by system restore........


~~C

~~D

12A

1PA

1ST

386

8BA


8BY

8LI

A2A

AAS

AAX

ABM

ABR

ACF

ACG


ACO

ACS

ADK

ADW

ADX

AFM

AID

AIP

ALT


AM

AMB

APL

APM

APP

APV

AR

ARX

AS


AT

ATC

ATL

ATM

ATN

AW

AWE

AWX

AX


B0

BAT

BCF

BD

BDR

BE

BGB

BGR

BID


BIT

BK1

BLD

BM

BMA

BND

BNF

BOF

BPP


BPT

BPX

BT

BTN

BUC

CAG

CAO

CAT

CBS


CC

CF

CFG

CHA

CIK

CL

CLW

CLX

CLY


CMD

CNT

CNV

COL

COM

CPB

CPL

CQM

CR


CRL

CRS

CRV

CS

CSB

CSI

CSL

CSW

CTB


CTG

CTY

CUS

CW_

D01

D02

D03

D04

D05


D32

DATA

DB0

DB1

DB2

DC2

DCA

DCF

DCI DCL

DDB

DDD

DEP

DES

DESKLINK

DET

DGM

DIALOG


DID

DIR

DISABLED

DIX

DLL

DOB

DOS

DRC

DRS


DRV

DS

DSC

DSK

DSN

DSR

DSX

DT

DTT


DUN

DVB

DWT

DXT

DYNCMD

ECF

EFF

EFM

EID


EL

ELM

END

ENU

ENV

EOT

EPF

ET

EX_


EXA

EXCLUDE

EXE

EXL

F32

FAE

FAM

FAS

FFP


FIN

FIO

FLL

FLW

FMC

FMP

FNT

FON

FSG


FSS

GCS

GDB

GI_

GMS

GNG

GPD

GS

GSF


GST

GUIATN

GUICMD

GVT

GWD

H16

HCT

HDC

HDI


HDP

HFX

HGD

HHC

HHK

HK0

HK1

HK2

HK3


HLP

HM

HTA

HTC

HTZ

HU

HWL

HYP

IAT


IBD

ICD

ICM

ICO

ICR

ICW

ID

IDS

IFA


ILF

ILG

ILM

IN_

INCL

INF

INI INK

INL


INO

INS

INV

IP

IRS

ISA

ISS

ISU

ITF


J0

JA

JBR

JCM

JGD

K01

K02

K03

KBD


KNN

KO

L0

L2L

L2P

LAB

LAM

LAST

LCA


LCK

LDA

LEX

LGC

LGD

LGE

LGF

LIC

LID


LIM

LIVEREG

LLI

LMC

LMG

LMP

LNK

LO~

LRD


LRS

LSM

LSO

LSQ

LSS

LSX

LT

LTS

LV


M20

MANIFEST

MAPIMAIL

MC

MCD

MCM

MD2

MDM

MDP


ME

MFL

MHK

MIL

MLN

MMC

MMM

MMX

MNC


MNL

MNR

MNS

MOF

MOR

MP

MPD

MPT

MSB


MSC

MSE

MSI

MST

MSK

MSO

MXT

MYDOCS

N0


NAM

NAME

NDX

NEW

NFO

NIB

NMD

NOD

NPM


NQM

NQV

NSI

NSW

NTE

NU4

NUM

NUS

NV


OBE

OCM

OCX

ODE

ODL OLB

OLD

OLE

OP


OPG

OR5

OSD

OUT

P2A

PAG

PBC

PBK

PBV


PC3

PCI

PDI

PDR

PEN

PER

PFB

PFM

PFR


PH

PHO

PHX

PID

PIF

PL3

PLY

PMT

PNF


POC

POF

POL

PPD

PR4

PROPERTIES

PRX

PSC

PSF


PSP

PT

PTH

PTX

PV

Q0

Q32

Q3X

QDAT


QJF

QRS

QTC

QTD

QTW

QUE

QUF

QUT

R0


R98

RAD

RAT

RC2

RCP

RCT

RDB

RDC

REF


REG

RGS

RH

RI

RJS

RO

ROB

RPR

RPS


RSD

RSP

******

RTA

RTR

RU

S98

SAM

SAX


SCK

SCR

SCS

SECURITY

SELFREG

SFP

SG

SG0

SG1


SHARED

SHR

SHX

SIF

SK

SLL

SMC

SMM

SNP


SOF

SPC

SPE

SPM

SPT

SPX

SR

SRC

SRG


SRT

SSM

SST ST4

STB

STD

STF

STP

SWB


SYM

SYN

SYS

T32

TAG

TB

TDF

TH

THE


THK

THS

TID

TIE

TIP

TLB

TLD

TLF

TLT


TLU

TLX

TMC

TNL

TOL

TPA

TR

TRE

TRG


TRO

TSK

TSP

TTF

TTS

TUB

TUM

TUW

TV


TVC

TWD

TXR

TYM

TZD

UBM

UCM

UCP

UCT


UDC

UDI

UDL

UDT

UID

UIL

UK

ULG

ULK


UNT

US

USA

USERPROFILE

USP

USR

UTX

V10

VBS


VBX

VBZ

VCPREF

VDB

VER

VFM

VFX

VIL

VLX


VM

VOF

VPH

VPX

VQA

VQM

VSC

VSH

VWP


VXD

W32

W98

WA_

WBD

WBM

WCD

WDL

WDS


WINSYS

WIPEINFO

WIPESLACK

WMZ

WPC

WPX

WRF

WSL

WTB


WTR

XLL

XMX

XRS

XTU

ZFSENDTOTARGET

ZH

ZH_TW

ZRW

 

[mechBgon]

For people who like to learn from others' mistakes, here are some online multiscanners: VirusTotal and Jotti. A "clean" scan doesn't necessarily mean the file's really clean, of course, but a "dirty" scan can sure tell you to stay the heck away from the file AND its source.

Sunbelt's sandbox is another interesting resource. You can submit a file and their automagic sandbox will run the file and see what it would do, then email you the results. Some malware is aware that it's in a virtual environment and won't play ball, however.

Gamingphreek, would you mind PM'ing me where to find that file? I'm curious to see what it is, what it does.

 

[mayest]

Originally posted by: mechBgon
One other interesting resource is Sunbelt's sandbox where you can submit a file and their automagic sandbox will run the file and see what it would do, then email you the results. Some malware is aware that it's in a virtual environment and won't play ball, however.

Mech: Thanks, that looks like a good resource. I assume that they don't abuse your email address, right? Also, here is a fixed link.

 

[mechBgon]

Originally posted by: mayest

Originally posted by: mechBgon
One other interesting resource is Sunbelt's sandbox where you can submit a file and their automagic sandbox will run the file and see what it would do, then email you the results. Some malware is aware that it's in a virtual environment and won't play ball, however.

Mech: Thanks, that looks like a good resource. I assume that they don't abuse your email address, right? Also, here is a fixed link.

Oops, sorry about the blank link I've sent various stuff to Sunbelt and not got any unwanted email, they're OK. They also have an interesting (to me) blog showing lots of stuff that crops up in their spyware research, like fake codecs of DOOM :Q which come out at the rate of about one new one every 90 minutes on average.