Jump to content

Recommended Posts

Dear forum admins,

Thanks for past threads that instructed me toward this point. I've just got my computer infected with the Vista Recovery Virus and here are what I did:

1. Update & ran scan with Malwarebytes' Anti-Malwares

2. Ran DDS file & obtained the dds.txt

I have also temporarily been able to view hidden files, but they keep disappear after a while and I have to go to Control Panel again. Anyway, here is the scan log from the software:

----------------------------------------------------

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4052

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

5/26/2011 8:20:56 PM

mbam-log-2011-05-26 (20-20-56).txt

Scan type: Quick scan

Objects scanned: 124085

Time elapsed: 13 minute(s), 54 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lyaiwomq (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

----------------------------------------------------

Please also note that the problem has not go away despite this log ... :(

And here is the dds.txt's content:

----------------------------------------------------

DDS (Ver_2011-05-26.01) - NTFS_AMD64

Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_20

Run by Phuong Vu at 20:16:37 on 2011-05-26

Microsoft

attach.zip

Link to post
Share on other sites

Hi guys,

I happened to ran ComboFix and it looks like that the virus has gone away for now. However, guess it's never really done so this is the log:

PS: Also quick launch is still hidden, could you show me how to reshow it again? Thanks so much! ^^

-----------------------------------------------------------

ComboFix 11-05-26.02 - Phuong Vu 05/27/2011 1:47.1.4 - x64

Microsoft

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please download Unhide.exe by Grinler and save it to your Desktop.

Run it, then restart your computer.

Please do the following:

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

Update it, run a Quick Scan, and post its log.

Run DDS again and post DDS.txt in your reply.

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.