Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

FBI Virus -- Win7 Home 64-bit [Solved]


  • This topic is locked This topic is locked

#16
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
After running OTL the first time I shut down the computer to eject the USB safely (device light never went out, was unsure if it had been ejected successfully) to transfer the OTL files to my good computer... on restart it came back to black screen so my fault.

2nd FRST log...


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-06-2013 01
Ran by SYSTEM on 06-06-2013 11:18:29
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2012-10-10] (LogMeIn, Inc.)
HKLM\...\Run: [MRT] "C:\Windows\system32\MRT.exe" /R [72702784 2013-04-11] (Microsoft Corporation)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-10] (Dell)
HKLM-x32\...\Runonce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/w...&"ver=10.0.1427 [x]
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1" [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [FAStartup] [x]
HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background [623960 2009-08-21] (Research In Motion Limited)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [236016 2009-07-08] (Sonic Solutions)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 [3364264 2012-10-17] (Emsisoft GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKU\Ronnie\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2988784 2010-11-22] (SUPERAntiSpyware.com)
HKU\Ronnie\...\Run: [Google Update] "C:\Users\Ronnie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-06] (Google Inc.)
HKU\Ronnie2\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-28] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Ronnie2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\tiffany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com)
S2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3084176 2012-10-06] (Emsisoft GmbH)
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [375728 2012-10-19] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [147888 2012-10-19] (LogMeIn, Inc.)
S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-08-24] (LogMeIn, Inc.)
S2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [23208 2011-05-19] (Emsi Software GmbH)
S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2012-08-24] (LogMeIn, Inc.)
S3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [24568 2009-08-27] ()
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213376 2009-12-18] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213376 2009-12-18] (Novatel Wireless Inc.)
S3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213376 2009-12-18] (Novatel Wireless Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-05-20] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SMSIVZAM5X64; C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [43032 2009-05-25] (Smith Micro Inc.)
S3 VIACRX64; C:\Windows\System32\DRIVERS\viacr64.sys [100864 2009-07-13] (VIA Technologies, Inc. )
S4 LMIRfsClientNP; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-05 18:12 - 2013-06-05 18:12 - 00000000 ____D C:\FRST
2013-06-05 15:21 - 2013-06-05 15:21 - 00051200 ____A C:\Users\Ronnie\Desktop\Extras.Txt
2013-06-05 15:19 - 2013-06-05 15:19 - 00157234 ____A C:\Users\Ronnie\Desktop\OTL.Txt
2013-06-05 15:08 - 2013-06-05 13:04 - 00602112 ____A (OldTimer Tools) C:\Users\Ronnie\Desktop\OTL.exe
2013-05-31 18:26 - 2013-05-31 18:26 - 00000000 ____D C:\ProgramData\Avira
2013-05-31 18:26 - 2013-05-31 18:26 - 00000000 ____D C:\Program Files (x86)\Avira
2013-05-23 13:14 - 2013-05-23 13:14 - 00000000 ____D C:\Users\Ronnie2\AppData\Roaming\Research In Motion

==================== One Month Modified Files and Folders =======

2013-06-05 19:02 - 2012-11-17 14:13 - 00000000 ____D C:\users\Ronnie2
2013-06-05 18:12 - 2013-06-05 18:12 - 00000000 ____D C:\FRST
2013-06-05 15:23 - 2012-12-11 22:46 - 01783818 ____A C:\Windows\WindowsUpdate.log
2013-06-05 15:23 - 2012-12-07 16:14 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-06-05 15:21 - 2013-06-05 15:21 - 00051200 ____A C:\Users\Ronnie\Desktop\Extras.Txt
2013-06-05 15:19 - 2013-06-05 15:19 - 00157234 ____A C:\Users\Ronnie\Desktop\OTL.Txt
2013-06-05 15:17 - 2011-06-15 19:36 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-05 15:13 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-05 15:13 - 2009-07-13 20:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-05 15:13 - 2009-07-13 20:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-05 15:08 - 2012-12-11 22:46 - 00012534 ____A C:\Windows\setupact.log
2013-06-05 15:07 - 2010-01-08 15:01 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-06-05 15:06 - 2011-06-15 19:36 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-05 15:06 - 2010-11-20 17:59 - 00000000 ____D C:\Users\Ronnie\AppData\Local\SoftThinks
2013-06-05 15:06 - 2010-01-08 15:16 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-06-05 15:06 - 2010-01-08 15:16 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-06-05 15:05 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-05 14:07 - 2012-12-11 21:39 - 00000000 ____D C:\ProgramData\LogMeIn
2013-06-05 13:04 - 2013-06-05 15:08 - 00602112 ____A (OldTimer Tools) C:\Users\Ronnie\Desktop\OTL.exe
2013-06-04 18:08 - 2012-11-17 14:14 - 00000000 ____D C:\Users\Ronnie2\AppData\Roaming\ArcSoft
2013-06-04 18:08 - 2012-03-03 14:14 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-04 18:08 - 2011-05-02 10:04 - 00000000 ____D C:\Users\tiffany\AppData\Roaming\ArcSoft
2013-06-04 18:08 - 2011-05-02 10:04 - 00000000 ____D C:\users\tiffany
2013-06-04 18:08 - 2010-11-26 17:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-04 18:08 - 2010-11-20 18:04 - 00000000 ____D C:\Users\Ronnie\AppData\Roaming\ArcSoft
2013-06-04 18:08 - 2010-11-20 17:59 - 00000000 ____D C:\users\Ronnie
2013-06-04 18:08 - 2010-01-08 14:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-06-04 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-04 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-06-04 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-04 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2013-06-04 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-04 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-05-31 18:26 - 2013-05-31 18:26 - 00000000 ____D C:\ProgramData\Avira
2013-05-31 18:26 - 2013-05-31 18:26 - 00000000 ____D C:\Program Files (x86)\Avira
2013-05-31 18:21 - 2011-05-02 10:04 - 00000000 ____D C:\Users\tiffany\AppData\Local\SoftThinks
2013-05-25 18:56 - 2012-11-17 14:13 - 00000000 ____D C:\Users\Ronnie2\AppData\Local\SoftThinks
2013-05-23 13:14 - 2013-05-23 13:14 - 00000000 ____D C:\Users\Ronnie2\AppData\Roaming\Research In Motion
2013-05-15 18:33 - 2012-11-17 15:23 - 00000000 ____D C:\Users\Ronnie2\AppData\Local\CrashDumps

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-11 15:05:46
Restore point made on: 2013-04-14 17:15:38
Restore point made on: 2013-04-24 17:18:59
Restore point made on: 2013-04-24 17:25:22
Restore point made on: 2013-04-24 18:17:03
Restore point made on: 2013-04-28 16:16:36
Restore point made on: 2013-04-28 16:56:12
Restore point made on: 2013-05-05 18:04:18
Restore point made on: 2013-05-10 11:47:50
Restore point made on: 2013-05-15 19:00:06
Restore point made on: 2013-05-16 13:19:55
Restore point made on: 2013-05-18 19:34:32
Restore point made on: 2013-05-23 09:15:36
Restore point made on: 2013-05-23 11:38:27
Restore point made on: 2013-05-24 18:00:54
Restore point made on: 2013-05-31 18:26:12
Restore point made on: 2013-05-31 19:27:23
Restore point made on: 2013-05-31 23:00:23
Restore point made on: 2013-06-05 15:11:46

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4060.8 MB
Available physical RAM: 3435.85 MB
Total Pagefile: 4058.95 MB
Available Pagefile: 3425.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:378.48 GB) NTFS (Disk=0 Partition=3)
Drive e: (RESOURCE_CD) (CDROM) (Total:0.47 GB) (Free:0 GB) CDFS
Drive f: (ReatogoPE) (Removable) (Total:0.98 GB) (Free:0.78 GB) NTFS (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.54 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: FCD81E54)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1000 MB) (Disk ID: 09964A98)
Partition 1: (Active) - (Size=999 MB) - (Type=07 NTFS)


Last Boot: 2013-05-27 11:18

==================== End Of Log ============================

Edited by cramit02, 06 June 2013 - 07:28 AM.

  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
When you get to the black screen could you try the following :

Right click the desktop and select personalise... Are you able to change the wallpaper ?

Then press the windows and R key together... Does the run box appear ?
If it does then type in explorer.exe and OK that
Does the desktop come back
  • 0

#18
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
After posting that FRST log the computer was shutdown... restarting it... attempting the directions above...

Unable to right click at all, no menu
Unable to window key + R, no run box
  • 0

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK start the computer from the USB recovery console. First option is to select startup repair if that fails then select system restore and select Restore point made on: 2013-05-31 23:00:23
  • 0

#20
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Attempted Start Up repair, no issues identified. Went to System Restore for 2013-05-31 23:00, did not complete successfully.

Were there no issues to identify in the FRST log that'd need fixing to get back in to Windows?

I'm going to go ahead and proceed with file backup thru Active Boot Disk on the chance that the factory restore is needed... =)

Edited by cramit02, 06 June 2013 - 02:02 PM.

  • 0

#21
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No the second FRST looked clean

From the recovery console command prompt could you run a check disc

chkdsk c: /r
  • 0

#22
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Ran the chkdsk c: /r command, result: "Failed to transfer logged messages to the event log with status 50" (see attached pic for details)

Attached Thumbnails

  • IMAG3984.jpg

  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That is because it was working from the recovery console so it is not a problem

Are you able to backup your data ?
  • 0

#24
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Yessir, all personal data that I can find (not my pc) has been backed up and the owners are reluctant but OK w losing data if needed. I told them that if it came down to it they could keep their data but never use their computer again, lol... it was a discussion w friends over drinks that provided plenty of laughs on my side of the table. =)

What've you got in mind?

Edited by cramit02, 06 June 2013 - 03:29 PM.

  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What is the make and model of the computer ? That will tell me what kind of recovery we can do
  • 0

Advertisements


#26
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Dell Inspiron one

I've got "all included disks" from the owners, the one that strikes me as possibly useful is the Drivers and Utilities disk "For Reinstalling Dell Inspiron One 19 Computer Software" -- Outside of that all other discs are various programs, nothing OS useful...

Edited by cramit02, 07 June 2013 - 08:46 AM.

  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
For that computer you need to do the following to access the system recovery partition

Boot the computer
Press the F8 key when you see the Dell logo. It will take you to the advanced boot menu options, which include 'Repair your Computer'.
Select that option and enter your password if asked, then you will see a list of options like 'system restore' and 'command prompt'.
The last option says 'Dell PC restore'.
Select that option and follow the instructions on the screen.
  • 0

#28
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Restore to factory default was successful. Next steps if any?
  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK ensure that you have a working antivirus

Then copy all the documents and files that were saved, back to the locations where they were backed up from

Only install Java if they really need it

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#30
cramit02

cramit02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Much appreciated, thanks for all of your time and responses.

I have a 2nd computer from the other side of the country w the same virus if you wanna tackle it, I'll even start a new thread. But I definitely do NOT have the backup media for it, I'd have to reach out to an even further point in the country to get those discs. =)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP