Wednesday, October 5, 2011

Data Restore - Rogue Fake AV - removal guide








The rogue Data Restore hides all files and folders and moves all the shortcuts into some folder.


To find anything on your computer, you need to show hidden files and folders.
To do this, open My Computer. In the menu, click Tools - Folder Options.






Click the View tab. Scroll to "Show hidden files and folders", select this option and click OK.






Now you can see the files and folders that were hidden as a consequence of the virus infection.


Now open My Computer again, type the website address trojan-killer.net in the address bar and press Enter.






On this site you will need to download Trojan-Killer.


Run and install it.






Upon completion of installation, select Launch GridinSoft Trojan Killer and click Finish.






When Trojan Killer has scanned your computer, you will see a full list of detected malware.
Press Remove Selected to remove them.




Files created:
C:\Documents and Settings\<UserName>\Application Data\Microsoft\Internet Explorer\Quick Launch\Data Restore.lnk
C:\Documents and Settings\<UserName>\Desktop\Data Restore.lnk
C:\Documents and Settings\<UserName>\Local Settings\Temp\2.tmp
C:\Documents and Settings\<UserName>\Local Settings\Temp\P1kAlMiG2Kb7Fz.exe.tmp
C:\Documents and Settings\<UserName>\Local Settings\Temp\P5tM1QBI6DSS92.exe.tmp
C:\Documents and Settings\<UserName>\Start Menu\Programs\Data Restore\Data Restore.lnk
C:\Documents and Settings\<UserName>\Start Menu\Programs\Data Restore\Uninstall Data Restore.lnk
C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk.exe
C:\Documents and Settings\All Users\Application Data\yiEXcwRdRpIp.exe


Registry key created:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"yiEXcwRdRpIp.exe"="C:\\Documents and Settings\\All Users\\Application Data\\yiEXcwRdRpIp.exe"
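
The Run entry above can also be looked for in an exported copy of the registry. The following Python script is an added example, not part of the original guide: it parses text in the .reg format shown above and reports Run values whose executable sits directly in All Users\Application Data. The function names, the second sample entry and the folder heuristic are assumptions made for illustration.

```python
import re

# Constructed sample in .reg export format. The first value is the entry listed
# in this guide; the second is a made-up benign entry added for contrast.
SAMPLE_REG = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"yiEXcwRdRpIp.exe"="C:\\Documents and Settings\\All Users\\Application Data\\yiEXcwRdRpIp.exe"
"ExampleUpdater"="\"C:\\Program Files\\Example\\updater.exe\" /background"
'''

RUN_KEY = r"software\microsoft\windows\currentversion\run"
# Assumption (heuristic, not from the guide): an executable placed directly in
# this folder, with no vendor subfolder, deserves a closer look.
SUSPECT_DIR = r"c:\documents and settings\all users\application data"
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    """Undo .reg string escaping of backslashes and quotes."""
    return re.sub(r'\\(.)', r'\1', s)

def exe_path(command):
    """Extract the executable path from a Run command line."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r'(?i)(.+?\.exe)\b', command)
    return m.group(1) if m else command

def suspicious_run_entries(reg_text):
    """Return (value name, exe path) for Run values launching from SUSPECT_DIR."""
    hits, in_run = [], False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith('['):
            # Track whether the current section is a ...\CurrentVersion\Run key.
            in_run = line.strip('[]').lower().endswith(RUN_KEY)
            continue
        m = VALUE_RE.match(line)
        if not (in_run and m):
            continue
        name, path = unescape(m.group(1)), exe_path(unescape(m.group(2)))
        folder = path.rsplit('\\', 1)[0].lower()
        if folder == SUSPECT_DIR and path.lower().endswith('.exe'):
            hits.append((name, path))
    return hits

if __name__ == "__main__":
    for name, path in suspicious_run_entries(SAMPLE_REG):
        print(f"review Run value {name!r} -> {path}")
```

A hit only marks an entry for review; compare the reported path with the files listed above before deleting anything.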
