Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Trojan32 FakeAv on my system please help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Trojan32 FakeAv on my system please help

Unread postby adriagon22 » May 12th, 2011, 1:47 am

i recently got a virus on my computer that was hiding all of my files. i used melware bytes to remove it and i think i got it. however, i wanted to why my labtop files and settings didnt go back to the way they were before the virus. when i ran melware bytes this is what came up. Also when i found the files that went on my desktop, they came back but are still off colored and remain darker then the new programs i put on my desktop.

Any help would be greatly appreciated. Thank you

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6558

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5/11/2011 4:16:02 PM
mbam-log-2011-05-11 (16-16-02).txt

Scan type: Quick scan
Objects scanned: 156871
Time elapsed: 4 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
c:\Users\Owner\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery (Trojan.FakeAV) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\Owner\Desktop\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\uninstall windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
adriagon22
Active Member
 
Posts: 2
Joined: May 11th, 2011, 7:52 pm
Advertisement
Register to Remove

Re: Trojan32 FakeAv on my system please help

Unread postby NonSuch » May 12th, 2011, 2:04 am

Please familiarize yourself with the forum rules: >Forum Posting Rules - Please Read<

In order for us to help you it is necessary that you provide us with a DDS log. Please follow the guideline at the link below to start a new topic and post your DDS log by pasting it into your post. Do not utilize attachments.

This topic is now closed. Please start a new topic by following the guideline posted here: >Guideline for posting your DDS log<
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 54 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware