Need AV Least Likely To Get Terminated For Photo Salvage

Before i say another word, it is unplugged from the internet. And is only being used in safemode now.

Ok folks I have something hiding and I am in salvage mode now. I want to get the best and Strongest AV against a stealth virus. Just so i can get in and get my keepsake pictures, videos and website files. And feel like they may not be infected. I have heard of pictures being damaged by a virus so this worries me..

From looking in my registry, the virus was trying to give access to my desktop remotely. Remote access has been disabled in services from before the infection. Was it still possibly able to use it? Windows update had difficulty with a netframework security update, but I fixed it.

Kaspersky had its license inactivated right in front of my eyes, while it was disinfecting. After a lot, and repairing the windows installer, I got it reinstalled, but it is infested. And the installer is cwap for the third time.

I saw a link here for BHO hunter and it has been changed to comodo. It seems good but it is not a top contender.

Can't find anything at all other than the original win64cert.dll etc.. that came from my husband downloading ilivid riskware. Grrrr ... But things keep happening...I had my system "clean" and perfect and it is sliding again. I have used tons of programs that I am familiar with.

Some strange screen grab program was in use. If it is in windows, I never saw it before, but it was in my recently used files. So was paint. Those showed after some massive windows repair work that likely removed some of its stealthiness. The time was changed multiple times by 2 hours etc...

I just need to get the best possible AV program, that is least likely to get taken over, money is no object just so i can steal my "safe"? files and trash the C:drive. Ps... I am afraid to draw attention to my coveted files since it may set the virus after them.

And later, replace Kaspersky. Which will only be used for its 10 hour disk scans.

Thanx

 

I think you should create a rescue CD (Avira, AVG, Kaspesrsky etc.) with another computer, any of these will clean Windows without booting into it (offline scanning).

http://www.raymond.cc/blog/13-antiv...-compared-in-search-for-the-best-rescue-disk/

 

I very highly doubt they would be infected. Either use a rescue CD/flash drive to copy the files you need elsewhere, or remove the hard drive and use an external caddy to access the files from another computer.

If you did actually want to try and remove the infection, HitmanPro.Kickstart would be a good starting point. Personally, I've used RegRun Warrior for cleaning a badly infected PC.

 

Give WSA a try on the system for a while. It is very useful to understand the known/unknown you have installed on the system and has a rather solid detection of running 0/day malware. On top, the identity protection module will render harmless all active attempts for keylogging/screengrabbing.

 

Might try here:
http://malwaretips.com/Forum-Malware-Removal-Assistance

 

I usually use a Linux boot disk for such things. Photos are not executable so even if they are infected, they will not execute anything on their own. Get them off to a removable drive, scan removable drive, done.

 

My kaspersky license was terminated in front of my eyes mid war. And the malware bytes trial license in front of my eyes also. The rest... Well... I can assume.

Thanx for the advice.

The good news. I was wrong and Comodo lived! And it found things, ( backdoor) except I accidentally cleared my log. That button is not in a good spot while trying out things. My computer is clean and I love the interaction of the more advanced modes being all paranoid now. Computer is super speedy...

Oh and I used hitman the other day. It got rid of a java virus. But nothing else and I had trouble accessing antivirus sites still, plus other problems. Hitman lived also, but it isn't a full suite.

I have been backing up all day. Yawn....

The bad news? Kaspersky left wincert64 boot with windows since June 19, 2013! Windows system event log showed this. Stupid me I never looked until my computer had a problem.

I am thinking about bitdefender or comodo. How do those two compare? I like false positives by the way. Or should I say control over what runs on my computer. I look things up and decide for myself. But it does sandbox unknown programs.

I can tell you one thing about kaspersky. It has always put bad files in my trusted applications. For longer than I could remember, I ran with all new programs going into restricted. Then had to remember to switch it at installation time. I tired of this and look where I ended up. Don't ever trust kaspersky to decide. If you have, check out your applications...

 

Awesome! I have heard of them being damaged though. I never fully trusted my auto photo and video backup drive. It was running for hours every month when I plugged it in, and backed up squat. Nada since 2011... I looked directly at the drives folders and said eh what? Unless the buggies did something... I overrode the drive and am doing it manually now.

So to be safe, I backed my pics up to discs also. I have always wanted discs for my pics. As for the videos, I don't have the strength.

 

This is technically not true; if there's a vulnerability in some image viewer, a corrupted image file may be used to execute arbitrary code. I don't think I've heard of such exploits being used in some time, though (and the corrupted image probably wouldn't render right once opened).

Still, running an AV scan on the recovered photographs might not be unreasonable.

 

True, but I did not claim otherwise. I said the image files would not execute on their own, and to scan them after retrieving them.

 

Well, backup is done. One thing was saved for last. I snuck into the bad windows account in safemode to only get my email accounts and firefox bookmarks onto a cd by itself. Comodo would not scan the disk that I put them on. It said my installation was bad. When it has been working fine prior.

I went back into my emergency win account and after some balking, comodo started. It is scanning my backup drive now. The CD will be scanned last.

I think there is still something there maybe....

I like the kiosk since kasperky got rid of my sandbox.

I think I am leaning towards comodo.

Now I need to format C and Q once done.

Oh one more thing... Comodo found a virus file on my backup drive.