So, I have been transferring old music projects from a hard drive to the new build and I just ran into a personal nightmare.
I copy pasted the .exe file from an old version of my music application so I could work on old projects. Here is EXACTLY what happened next:
-I went to open the .exe file and was prompted by the "do you want to allow this to make changes.." and thought I better scan first, even though the external drive its on had been scanned many times and come up with nothing, so I select "No"
-I then slect scan file with Kaspersky; it runs through many files contained in this one .exe and comes up with an adware.opencandy alert and asks me if I want to disinfect the file. I select yes.
-After operating normally for a moment it appears to be doing nothing, the loading wheel is spinning but everything else has frozen. I try start menu, no response, I try task manager, wont open, I try to delete the folder on my desktop containing the .exe and it prompts me with a "you need administrative privileges to..." I back out. I assume that was because Kaspersky was scanning it or attempting to clean it.
-So I hot boot it....
-After the restart Kaspersky has the .exe file in quarantine. A full system scan brings up nothing, likewise for Malwarebytes, and likewise for some manual searching of any opencandy related .dll's, and no pop ups or any signs of anything yet.
So that all seemed VERY sketchy to me.... It appears nothing got executed, but I have read some malicious code can be triggered to execute from a virus scan and exploit vulnerabilities in the virus protection.
Can a malicious code execute if I haven't "installed" or opened the infected .exe?? Would clicking on it then opting out at the "do you want to allow this file to make changes to the harddrive on this computer" prompt be enough for it to open?
If it seems like I am being paranoid I am, I have been keeping this comp squeaky clean since I built it so this is a frustrating blow..
I copy pasted the .exe file from an old version of my music application so I could work on old projects. Here is EXACTLY what happened next:
-I went to open the .exe file and was prompted by the "do you want to allow this to make changes.." and thought I better scan first, even though the external drive its on had been scanned many times and come up with nothing, so I select "No"
-I then slect scan file with Kaspersky; it runs through many files contained in this one .exe and comes up with an adware.opencandy alert and asks me if I want to disinfect the file. I select yes.
-After operating normally for a moment it appears to be doing nothing, the loading wheel is spinning but everything else has frozen. I try start menu, no response, I try task manager, wont open, I try to delete the folder on my desktop containing the .exe and it prompts me with a "you need administrative privileges to..." I back out. I assume that was because Kaspersky was scanning it or attempting to clean it.
-So I hot boot it....
-After the restart Kaspersky has the .exe file in quarantine. A full system scan brings up nothing, likewise for Malwarebytes, and likewise for some manual searching of any opencandy related .dll's, and no pop ups or any signs of anything yet.
So that all seemed VERY sketchy to me.... It appears nothing got executed, but I have read some malicious code can be triggered to execute from a virus scan and exploit vulnerabilities in the virus protection.
Can a malicious code execute if I haven't "installed" or opened the infected .exe?? Would clicking on it then opting out at the "do you want to allow this file to make changes to the harddrive on this computer" prompt be enough for it to open?
If it seems like I am being paranoid I am, I have been keeping this comp squeaky clean since I built it so this is a frustrating blow..