BleepingComputer.com: Windows Vista Recovery virus - think it's gone but not sure


#1 quisait

Posted 28 June 2011 - 03:15 PM

Hi Folks

I'm new here and I found the site because this morning I got infected by the Windows Vista Recovery virus :angry:

Firstly, I hope that this is the right place to be posting this!

As far as I can see, I seem to have got rid of that virus. However, I am still suspicious that something may still be lurking as when I go to Google the top bar where you find Web; Images; Video; Maps etc is black on my PC but white on my wife's.

Looking at each of the hyperlinks, I can see nothing untoward but I'm edgy after this morning.

I've tried the RKill software and according to that there were no malware issues running. I got my desktop back by running system restore.

Am I safe? Everything appears fine apart from when I tried to update my AVG it gave a "general error", so I went and downloaded the new definitions from their site and added them in manually.

Thanks for any help.

Jools



#2 firemaster1337

Posted 28 June 2011 - 03:20 PM

firemaster1337, on 28 June 2011 - 10:27 AM, said:

First of all, you need to download Malwarebytes Anti-Malware, which is found here.
However, if you cannot get to the site on your computer, you will need a CD or flash drive, and you will need to put the installer on the CD or the flash drive. After that's done, install Malwarebytes Anti-Malware and update it, then do a quick scan with it, then post the log it gives you here.
However, if you cannot run it in normal mode, boot into safe mode and run the scan.
How to boot into safe mode? First, reboot the computer, then keep pressing F8 softly until it gives you the option to boot into safe mode, and select the one with safe mode with networking.

My name's firemaster1337 and I enjoy helping people solve their malware problems

#3 quisait

Posted 29 June 2011 - 02:06 AM

Thanks for this. I've got the software installed and updated it this morning. Here are the results:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6974

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18702

29/06/2011 09:05:05
mbam-log-2011-06-29 (09-04-52).txt

Scan type: Quick scan
Objects scanned: 160515
Time elapsed: 11 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Doudou\AppData\Local\Temp\tmp8371.tmp (Trojan.FakeAlert) -> No action taken.
c:\Windows\Temp\javA2AD.tmp (Trojan.FakeAlert) -> No action taken.
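
An added example, not part of the original thread and not Malwarebytes' own tooling: a Python parser for a log in the layout posted above that lists detections whose recorded action is "No action taken" (found by the scan but still on disk) and checks the summary counts against the itemised lines. The function names are illustrative, and the sample input is an excerpt of the posted log.

```python
import re

# Sample input: excerpt of the log posted above (two counts and the itemised sections).
SAMPLE_LOG = r"""Scan type: Quick scan
Registry Keys Infected: 0
Files Infected: 2

Registry Keys Infected:
(No malicious items detected)

Files Infected:
c:\Users\Doudou\AppData\Local\Temp\tmp8371.tmp (Trojan.FakeAlert) -> No action taken.
c:\Windows\Temp\javA2AD.tmp (Trojan.FakeAlert) -> No action taken.
"""

COUNT_RE = re.compile(r"^(.+ Infected): (\d+)$")    # summary line, e.g. "Files Infected: 2"
SECTION_RE = re.compile(r"^(.+ Infected):$")        # start of an itemised section
# "<object> (<family>) -> <action>."; the greedy first group tolerates
# parentheses inside the path, e.g. "Program Files (x86)".
ITEM_RE = re.compile(r"^(.+) \(([^()]+)\) -> (.+?)\.?$")


def parse_mbam_log(text):
    """Return (summary_counts, detections) for a log in the layout shown above."""
    counts, detections, section = {}, [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if m := COUNT_RE.match(line):
            counts[m.group(1)] = int(m.group(2))
        elif m := SECTION_RE.match(line):
            section = m.group(1)
        elif section and (m := ITEM_RE.match(line)):
            detections.append({"section": section, "path": m.group(1),
                               "family": m.group(2), "action": m.group(3)})
    return counts, detections


def triage(text):
    """Flag detections left in place and sections whose count and items disagree."""
    counts, detections = parse_mbam_log(text)
    unremediated = [d for d in detections if d["action"].lower() == "no action taken"]
    mismatched = [s for s, n in counts.items()
                  if n != sum(d["section"] == s for d in detections)]
    return {"unremediated": unremediated, "mismatched": mismatched}


if __name__ == "__main__":
    for d in triage(SAMPLE_LOG)["unremediated"]:
        print(f'{d["family"]}: {d["path"]} ({d["action"]})')
```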

#4 Blade

Posted 01 July 2011 - 05:58 AM

Hello,

Please follow the steps in this guide: http://www.bleepingcomputer.com/virus-removal/remove-windows-vista-recovery

As you've already installed MBAM, you need not install it again. Just update and run a scan as directed in the guide.

~Blade


If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

#5 quisait

Posted 01 July 2011 - 10:20 AM

Hi there

Can I ask why I need to install it again?

#6 Blade

Posted 01 July 2011 - 05:37 PM

Hello,

You misread; you do not need to install it again. :)

~Blade

#7 quisait

Posted 02 July 2011 - 01:31 AM

Cool! Thanks for that :d

All I have to do now is work out why the fan on the laptop runs like a 747!

#8 Blade

Posted 02 July 2011 - 07:58 PM

That would be a question to ask in our Internal hardware forum. . . not likely related to malware.

~Blade