Jump to content
Posted 27 January 2015 - 08:35 AM
Posted 27 January 2015 - 09:21 AM
I have seen encrypted files on some recovery partitions. I suggest you examine the recovery partition before you try to restore to factory default. If you see encrypted files, install_tor, or any other evidence of tampering, a factory restore may fail but will certainly waste your time. A wipe and load will be the safest solution, but download the networking drivers (on a different computer) first.
Posted 27 January 2015 - 01:40 PM
Never heard of that one. Are you sure he didn't mean KEYHolder?
...He tells me he has been infected with Key logger Ransomware....
Posted 27 January 2015 - 01:43 PM
girlguru, are you indicating that viri and bad-ware can also be placed onto hidden [non-drive-lettered] partitions? If so, is there a good way to monitor for tampering if not prevent such tampering with hidden partitions? I have anti-CryptoLocker software installed as well as other alligators in my castle moat.
"Take care of thy backups and thy restores shall take care of thee." -- Ben Franklin revisited.
Backup, backup, backup! -- Lady Fitzgerald (w7forums)
Clone or Image often! Backup... -- RockE (WSL)
0 members, 0 guests, 0 anonymous users