[integrinB4]

I ran the EST scanner, but it did not generate a log.txt file in the C;\Program Fiels (x86)\ESET\ESET Online Scanner

THe report window stated there were 0 threats found.

Should I run again or proceed to step 4?

[Advertisements]

That is good news just go on to the next step!

[CompCav]

That is good news just go on to the next step!

[integrinB4]

•Plug in your USB drive and click on Vaccinate USB and Vaccinate Computer.


I vaccinated my computer. However, when I plugged in the external hard drive, an autorun window opened Standard window asking if Open folder to view files or Run Backup to this drive.

The Pand window says J:\(NTFS)
Followed by NTFS support is disabled, consult help.

I unplugged the drive.

Please advise.

[CompCav]

Panda vaccine and other programs like it do not work on NTFS systems.

Please do not allow it to autorun anything on the hard drive until we check it with MalwareBytes'. Just click cancel on the autorun window when it comes up again and go on to run a full scan of the external drive as instructed using MalwareBytes'.

[integrinB4]

I am currently scanning the external hard drive.

Many of the files are backup fiels (.zip, etc) as generated by using the windows 7 Backup and Restore options in the control panel. Will Malware bytes effectively scan these files even though they are compressed?

[integrinB4]

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.18.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Mike :: DESKTOP [administrator]

1/17/2012 9:00:44 PM
mbam-log-2012-01-17 (21-00-44).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208443
Time elapsed: 3 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[CompCav]

Please review this video. I will have more detailed instructions tomorrow after my instructor approves them.

Please go here

There is a brief but excellent video on the process of system recovery.

Please view the video under:

View a video on performing an HP System Recovery in Windows 7 (It is about 1/3 the way down the page.


After reviewing the video please post any questions you have before I post the detailed instructions for you.

CompCav

[integrinB4]

1) Is it better to transfer the files that need to be backed up to the exteranl hard drive prior to using the System recovery tool or should I use the system recovery tool backup procedure.

[CompCav]

I do not think it matters but that is one thing I am checking with my instructor.

[CompCav]

1) Is it better to transfer the files that need to be backed up to the exteranl hard drive prior to using the System recovery tool or should I use the system recovery tool backup procedure.

I have reviewed this with my instructor and either way works well. I personally have done it both ways with my wife's hP computer and it was fine. The only caveat I would have is if you have some files you want to keep that are not in the directory that is standard for them (i. e. Documents for Word documents, etc.) then you would need to do it before hand, at least for the non standard location files.

With that said here is the plan.



You have two options for saving your critical files.

One you can back them up to your external drive now.

Or you can use the tool in system reset to copy your critical files to an external drive.

Please go here

There is a brief but excellent video on the process of system recovery.

Please view the video under:

View a video on performing an HP System Recovery in Windows 7 (It is about 1/3 the way down the page.

We want to Start a system recovery from the startup screen (during system boot)

As you can see in this screen you can do the recovery of files as part of this process.


If you have any questions before beginning, please let me know

If not then we can begin the process as outlined on the video and supplemented by the script. Just reboot and press F11 repeatedly until this screen comes up:


With the video as your guide and the steps listed on the web page under Start a system recovery from the startup screen you are prepared to step through the complete process.

Please let me know if there are any issues along the way and when you are done with security and microsoft updates

[integrinB4]

Thanks for all the help and sorry for the delay.

I am waiting for my wife to back up her files (I don't know all the things she wants). She has had a busy work week. We will proceed with the reformatting this weekend.

[CompCav]

Thanks for the update. I understand it is better to take your time and do it right than to just rush it. We will be here when you complete the reformatting.

CompCav

[integrinB4]

All of our files are now backed up.

Before I proceed with the system recovery, I had noticed one thing. Our computer came factory installed with Windows 7 Home edition. We immediately upgraded to Windows 7 Professional 64-bit x64 (for which we have the upgrade disk). Will this cause a problem in the system recovery? or once I complete the recovery, just upgrade to Windows 7 Professional again? (My wife needs Professional for an application she uses for work).

[integrinB4]

I also guess the follow up question is a windows upgrade question? When I reinstall windows 7 professional from my disk, will the product key still work? Or will it say taht the product key is invalid as it was aleady used once?

[CompCav]

You can do the upgrade after the recovery. The upgrade will go fine. Your product key will still work because it is associated with that specific machine. When it validates it should go fine. If it does not, just call the Microsoft number that appears and they will do it.