Windows 7 Recovery Virus

Hi, I recently discovered my laptop had the Win7 Recovery virus. I followed one of the guides on here, ran many virus scans/malware scans, rootkit scans, etc. I have also run ComboFix, which removed some infected files. I've got to a stage where I think I've finally got rid of the horrible thing. It actually FTP'd onto my hosting package and screwed around with my sites! The final thing I want to check is whether this rootkit scan log is just showing false positives or not. Here are the contents of the GMER scan log:

GMER - http://www.gmer.net

Rootkit scan 2011-06-19 11:55:24

Windows 6.1.7601 Service Pack 1

Running: 5rl489kq.exe

---- Files - GMER 1.0.15 ----

File C:\Windows\assembly\NativeImages_v2.0.50727_32\index8ca.dat 0 bytes

File C:\Windows\assembly\NativeImages_v2.0.50727_32\index8cb.dat 0 bytes

---- EOF - GMER 1.0.15 ----

Thanks in advance for any help.

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

  • 4 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
