Jump to content


Windows Recovery Virus

  • Please log in to reply
3 replies to this topic

#1 SPL


    New Member

  • Members
  • Pip
  • 17 posts

Posted 06 June 2011 - 06:19 AM


I am new to the forum. My knowledge of computers is pretty average. I contracted the Windows Recovery Virus last night from a website i think. I knew it was dodgey right away, then ESET NOD32 blocked a website it tired to access. I ran a scan using a free ware Malwarebytes, It found 4 trojans and they were deleted and computer rebooted.

Thank icons went missing. Background was black. Windows Recovery Virus popped its ugly head up again. I couldn't update malwarebytes, i assumed the virus prevented me. So i dont a little google search and found other people had the same issue. I folled intructions on the BC windows recovery uninstal.

I ran RKill. Done a malwarebytes scan, i trojan found and deleted. Restarted PC and what do you know Windows Recovery was back again...

I found one of your members post and followed the instructions.

Ran ComboFix, followed the directions. Everything seems good now, Updated Malwarebytes. Currently doing scan now. Most of my desktop items are back up. The back ground is still a black screen, quick launch icons are still missing. Windows recovery hasm't popped up yet.

Is there something else i can do to make sure i am virus, spyware , malware free?

Im not too happy ESET nod32 didnt stop the attack. Im thinking of upgrading to the paid version of Malwarebytes.

I will post up the malware log when finish.

I would greatly appreciate if someone could help me make sure i am full virus free.

Thank you

#2 noknojon


    you know why ---

  • Honorary Members
  • PipPipPipPipPipPip
  • 6,090 posts
  • Gender:Male

Posted 06 June 2011 - 06:25 AM

Ran ComboFix, followed the directions. Everything seems good now,

Please, never run C/Fix unless an expert thinks it suits your problem , if you read the directions it says to only use with expert help -
You need someone to diagnose the problem and read the results of the scan also -
Please only follow the directions below by daledoc1
Just another private helper .......................... The answer is always 42, or Reboot
If you are waiting for an answer Press F5 ................. you may have one waiting for you ........

#3 daledoc1


    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,871 posts
  • Gender:Not Telling

Posted 06 June 2011 - 06:25 AM

Hello and welcome, SPL:

[[EDIT: Sorry, noknojon -- it appears we hit "add reply" at the same moment!]]

Sorry to hear that your computer may be infected.
It sounds like you could use some help from the malware experts.

Alas, we do not work on malware removal in this particular part of the forum.
However, free, expert assistance can be found at the malware removal-HJT forum.

Here's how to proceed:

1. First, please go to THIS PAGE, print out, read and follow as many instructions as you can, skipping any you are unable to complete. (It sounds as if you have already started this process on your own.)

2. Then, please describe your computer's symptoms as best you can and post the requested MBAM and DDS logs by starting a new thread at the Malware Removal-HJT forum . (Use copy/paste to include the logs in your post, rather than attaching them.)

One of the authorized, trained experts will then assist you as soon as possible for one-on-one malware detection and removal.
When you post, please be sure to select Track This Topic & choose one of the email options, so that you will be notified when someone responds.
Please be patient and allow 24-48 hours before bumping your thread.

Other Support Options:
--- Alternatively, as a paying customer using MBAM PRO, you may wish instead to start a support ticket by contacting support at: support@malwarebytes.org; or
--- Premium, fee-based support options are available here.

NOTE: If you are a reseller, affiliate, technician, corporate, business, educational, government or non-profit customer then please contact corporate-support@malwarebytes.org and include full contact details along with your Reference # when you do, in order to ensure that you receive prompt assistance.

Also, please use the "Add Reply" button when replying here & at the other boards, so that it will be easier for everyone to follow the thread.

I hope this gets you started on cleaning up your system,


Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO; Sophos ES 10.3; SAS Free; CCleaner.

#4 SPL


    New Member

  • Members
  • Pip
  • 17 posts

Posted 06 June 2011 - 06:53 AM

Opps sorry,

I was trying to remove this virus myself, not wanting to bother anyone, i thought i would be able to do it.
Thanks for that link. I will do that now and post my results.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users