alid wrote: Ok so you were able to change the attrib so that you can now see the data. What did you do to remove the malware? At this point you don't know where you stand. You may have root kits or keystroke loggers.. who knows. Even if you are able to "clean" the system... Most Security experts will tell you the best thing to do is to format and re-install the OS. I know that is a big PIA but that's the only way to make sure you are completely safe.
I started with rkill (mentioned in my second post) - an AV program that kills processes but itself doesn't fix the problems. They tell you on their site/instructions to rename the executable file so the virus programs won't know what program to look for (this is part of the problem in that they will alter Norton, AVG, Windows key files, etc. so they won't run).
After running rkill I was able to get to perform a System Restore, which I couldn't do on the first attempt.
I also ran MBAM to be sure and it was clean. The key point was being able to get to do a restore - which is much like reformatting a drive and an O/S installation.
I was born in Great Falls, Mt. My parents moved when I was 5. I found them when I was 10 - they were in California.
If you feel ok with this.. it is up to you.. I would download a copy of Microsoft's Windows Defender Offline and do the offline scan. The offline scan boots its own mini-OS and not your installed Windows OS. It's free and works well.
2009 Winnebago Adventure 32h
2006 Terry Quantum 330FKDS (beach getaway)
2003 Aprilia Atlantic 500
2007 Honda Reflex
2 house rabbits "Roo and MiMi"
I will do and post back any newly learned information. Thanks.
===
Edit Update:
The program/link posted above is to prepare a CD for the Windows Defender Offline/Files.
Then you insert a blank CD and run the program above saved to your PC.
There are 4 major steps -
- Download Windows Defender Offline file from the link above
- Insert a blank CD
- Launch the program downloaded above
- Follow the prompts
When the program is running you will see messages -
- Downloading files (198-205MB)
- Processing files
- Burning CD
- Validating Files
You are then instructed to insert the CD (if removed)
Reboot to the CD (you will see 1 prompt to boot to CD)
Starting Windows
Windows Defender Offline will start...nothing to do except click OK
Mine came back clean but I will keep the disk handy
* This post was edited 05/08/12 10:42am by wittmeba *