Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Recovery Virus and hidden items


  • Please log in to reply
3 replies to this topic

#1 amidoggy1

amidoggy1

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 06 January 2012 - 07:29 PM

EDIT Moved from WIN7 to Am I Infected~~~ boopme
Hi everyone, and thanks for accepting me as a new member to this forum! I believe I was able to successfully remove Windows Recovery Virus from my laptop running windows 7 - 64 bit! I tried my best to follow instructions how to get rid of this nasty virus with the help of Bleeping Computer instructions - but I obviously made some mistakes, too!
I used RKill download link, and Malwarebytes link, and also Unhide.exe link ! Then I also used my antivirus programs already on my computer, and I believe some antivirus program deleted some of my files so that automated unhide files programs cannot restore those missing (deleted) files ! So I guess - my only course is to somehow restore missing files manually ! But knowing only little about computers, for me instructions to restore hidden files manually seem to be quite complicated (as was removal of windows recovery virus itself)! I was able (miracle!!!) to restore desktop icons somehow - and even Start menu items on the left side came visible again ! But the right side, where Control Panel, Documents, Pictures etc. etc. used to be before - is still hidden. Somehow there is one item - it is "Computer" and it works as before showing all drives! So - what I have noticed so far that desktop background is black - icons are there - but some Start menu items are hidden - and who knows maybe something else! I have had full Malwarebytes scan several times - and results show that everything is clean - no problems!
All advice will be appreciated ! Thanks!
p.s. In case someone is interested how I got this Virus - I actually have been waiting for USPS delivery of my online shopping - and I got USPS Delivery Notification email! And - of course I made all the mistakes opening it and attachment! Then "fireworks" started - and all possible Warning boxes popped up on my screen!
Thanks again!

Edited by boopme, 06 January 2012 - 08:07 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:03 PM

Posted 06 January 2012 - 08:04 PM

Can you post the logs from your dealings with this virus?

#3 amidoggy1

amidoggy1
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:03 AM

Posted 08 January 2012 - 10:09 AM

Hi again! Now - as I start to believe that I was able to remove Windows Recovery Virus from my computer

( read: without knowing much of anything about computers looks like I finally got lucky) - I will tell what I did -

in case somebody finds it helpful!


I followed BleepingComputer instructions as follows:


RKill.exe - first, then

TDSSkiller - followed by

Malwarebytes - and

Unhide.exe - (to unhide desktop icons, start menu, and files hidden by virus!) And - last - I downloaded

Secunia - and ran it to help me to update vulnerable programs!

I had to do this twice before all scans showed 0 problems!!!

(During first scans I probably made some mistakes - or omitted something)

Thank you BleepingComputer very much for your help!

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:03 PM

Posted 08 January 2012 - 01:16 PM

Can you please post the logs from tdsskiller and malwarebytes?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users