Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Windows XP Restore virus mess

  • Please log in to reply
1 reply to this topic

#1 Pakuni


  • Members
  • 1 posts
  • Local time:01:02 PM

Posted 12 June 2011 - 10:19 AM

Apologies if this has been covered, but I've searched around the forums and while I've spotted seeveral threads regarding this virus, my issues seem somewhat unique.

First, I'm running Windows XP home.

Problems started yesterday when the Windows XP Restore virus reared its ugly head. I recognized if for what it was right away, didn't click on anything I shouldn't and ran an rkill followed by Malwarebytes full scan. Unfortunately, I was optimistic - overly so, it now seems - that this would solve the issue, so I didn't save the logs and can't get to them now (more on that later). MBAM found about 10 infected files, I had them removed/quarantined and then followed the instructions to reboot.
So far, so good.
On reboot, however, Windows popped up in a blue screen telling me to run a CHKDSK, which I did. After that ran, Windows came up but the vast majority of my desktop icons, programs and files were missing. Following the advice here, I ran unhide.exe, which returned what appeared to be all my files.
I happily went about my business from there, thinking I'd resolved this when, a short while later, an icon for Windows XP Restore reappeared on my desktop. So, I repeated the steps above (again, didn't save the logs, sorry), MB found one infected file this time and I rebooted.
Now here's where the real problems start. Upon reboot (after another CHKDSK) the Windows XP Restore remains, along with a couple other icons, but most icons and files are again missing. Making matters worse, I'm getting Google redirects from IE, Firefox won't open (get a message telling me it's already running, which according to my task manager it isn't), I can't open/run any potential fixes (such as ComboFix, TDSSKiller) and IE won't allow me to download any of those potential fixes or open them off a CD. Also, even among the files that do appear, I can't open any ... thus I can't recover old mbam or rkill logs.

So, that's where I'm at. I've dealt with a couple of nasty viruses/malwares in the past and eventually figured it out, but this one has left me clueless and near hopeless. At this point, I'd take it if I could just recover my files, though I hope for better.

At present, I'm on a work computer, so hopefully I can download any fixes here to run at home if need be, but again, it's not even letting me run programs off CDs.

Any help/direction/advice would be much, much appreciated.


BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,567 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:02:02 PM

Posted 12 June 2011 - 08:53 PM

Hello and welcome. Please use this Guide. i do not recommend you run ComboFix.

Please follow our Removal Guide here Remove Windows Restore (Uninstall Guide).
After reading how the malware is misleading you ...
You will move to the Automated Removal Instructions

After you completed that, post your scan log here,let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users