Jump to content

Recommended Posts

Hello,

I need guidance in completing cleanup from the System Recovery virus that infected my Win7-64 system yesterday.

Unable to shut system down fast enough to prevent some of the "cosmetic" damage. I've cleaned the obvious, just don't trust messing with the registry. Too many variables with this particular virus occurrence. Several browser based downloads when this happened. Some combination of IE9, a Firefox update, and a recommended adobe flash player update for FF mixed in with the real stuff I was working on.

Symptoms - wiped out my desktop icons, hid most files, changed desktop theme.

What I did - show all hidden files - brought back a few icons too.

ran malwarebytes. It detected 3 files in ProgramData that I know are from the virus and 4 or so HKEY entries. Comfirmed the file deletion and removed one that remained plus 2 ~roguefilename files. Reran malwarebytes quickscan clean. Today ran Spybot S&D. Detection updater failed - maybe an artifact of the virus. Able to download detection updates from Softpedia. I also have S&D resident running on my system. Spybot detected and cleaned Fraud Windows Recovery HKEY entries, the same trojan from what I can tell. Reran malwarebytes full scan clean.

Current status - running close to "normal" with some desktop look and feel issues and possible file/directory access issues noticed during exploration/debug of virus contamination. I see several "locked" directories that I just never noticed before. Most desktop icons missing. Rogue desktop theme (black screen). Cannot change desktop theme or background. Start menu All Programs is empty.

This issue is very similar to a Forum posting Infected by Windows Restore virus, desktop icons missing from 02 May 2011. I see unhide.exe, roguekiller,etc. I'd appreciate assitance with this to make sure I am running the latest and taking the right steps for my particular situation.

Thank you,

Glenn

Link to post
Share on other sites

Welcome to the forums Glenn :)

If you think your computer might be infected and would like expert assistance with cleaning your system, there are 3 support options from which to choose:

  • Option 1 -- Free, Expert advice in the Malware Removal Forum
  • Option 2 -- Paying customer using MBAM PRO -- Contact MBAM Support via email
  • Option 3 -- Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in this General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so that a qualified helper can help you fix any malware related problems/infections you may have.

  • First, please print out, read and follow the directions here, skipping any steps you are unable to complete.
  • If the infection has so crippled the computer that you cannot follow most/all of the requested steps, then please just proceed as advised below:
  • Then please post a NEW topic here.
  • When posting your new thread, please make sure that, under "options", you select Track this topic and choose Immediate Email Notification, so that you're alerted when someone has replied to your post.
  • One of the expert helpers there will give you free, one-on-one assistance when one becomes available.
  • Please refrain from making any further changes to your computer such as (Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) unless advised by a malware removal helper. Doing so can result in system changes which may hinder the attempts by a helper to clean your machine.

IMPORTANT NOTE: Please DO NOT post back to ("bump") your topic within the first 48 hours.

Replying to your own posts changes the post count from zero. Helpers are looking for topics with zero replies. If you reply to your own post, helpers may think that you're already being helped and thus may overlook your post. This will only delay your obtaining assistance.


  • o If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
    o You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer using MBAM PRO, you can contact the help desk at support@malwarebytes.org or here.

OPTION 3

If you would like to use the Malwarebytes Premium Services (Comprehensive solutions to all your computer support needs -- from installation and set-up to troubleshooting and tune-ups), please go to the Malwarebytes Premium Services support site.

Please be patient -- someone will assist you as soon as it is possible.

Please use the zMn2t.jpg button instead of other ones when you reply here and at the other forums, so that it will be easier to read. :)

Thank you :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.