# [SOLVED] CSIS virus with UKASH and System Restore??



## pistolpoison (Mar 29, 2012)

Hi I need confirmation on this following information. I got my desktop disable by the csis virus and had verified online how to do the removal without reinstalling Windows 7 ultimate. I couldn't figure out what to delete in the registries for a manual removal of the virus. So I went in safemode with networking decided to turn on my AntiVirus with videotron security services .( videotron is my internet provider and the AntiVirus service is a payable option. I bought it knowing that usually since its not a popular anti virus its only given to Quebec residents it wouldn't be disabled by a virus like the one I have.) After doing a full anylasis on my laptop for virus trojans fraudulent spyware etc it found 4 viruses . The day I got the virus I had done a system restore to a previous date where the computer was completing clean. After the system restore, I've done a full analysis for any viruses or corrupt files and delete anything that was found at the moment it scan and also downloaded the Windows security to do a full check out and nothing was discovered. I decided to do also a disk defragementation, system updates for windows, java and clear any temporary files. I restarted the computer in normal mode everything seems ok and all the security software are turn on with firewall. Now my questions are ;
1- How do i know for shure the virus is really gone without buying anotherr antivirus?
2- I use WiFi connection and my "infected" laptop also has in group users it reads my other pc ( tower with monitor ) , is it possible the virus attacked my other computer or my mobiles that use WiFi ? If so can spyware find user names and passwordopcorn:s even if not saved ?
3- All information online for the csis virus said to remove it manually beceause "most" anti-virus software is recognized and disabled ( hence mine who isnt popular) . I am not shure if a system restore does anything and hopefully the anti virus by videotron cleared it. So basicly is system restore made to erase and backtrack to a happier pc moment ? 

Thank you in advance waiting for a response anxiously !
Emma GATINEAU, QUEBEC


----------



## tetonbob (Jan 10, 2005)

*Re: CSIS virus with UKASH and System Restore??*

Hello. This not a virus, it is a ransomware/scareware infection. It is not self replicating, a virus is self replicating. It generally does not transmit across a network, rather it infects single machines which happen across a site it has exploited, and/or a user machine which has vulnerable versions of Java installed. It is not typically known as a dataminer.

Windows 7 System Restore is very robust and can in fact help resolve many infections if it can be accessed.


> So basicly is system restore made to erase and backtrack to a happier pc moment ?


 Yes, exactly that.

This threat can usually be detected by an updated anti-malware program such as Malwarebytes Anti-Malware.

For more detailed assistance....

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through *all *the steps, please post the requested logs in the Virus/Trojan/Spyware Help  forum, *not here.*

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.


----------



## pistolpoison (Mar 29, 2012)

*Re: CSIS virus with UKASH and System Restore??*

Ty I realized it wasnt a virus I did dw the malwarebytes thing I did so many scans that the computer is clean a-z . Although the computer is still on overdrive and the internet browser is slow if many Windows are open which before it wasn't a problem but I'm happy ro know it wasnt a virus fiou.!! Lol thank u for the information.:smile:


----------



## tetonbob (Jan 10, 2005)

*Re: CSIS virus with UKASH and System Restore??*

:thumb: You're quite welcome. If you have doubts as to whether the machine is clean or infected still, follow the steps in the link provided in my previous post.


----------

