"Windows Vista Recovery" malware removal

[Victek]

A customer picked up the Windows Vista Recovery virus and I could use some help with the removal procedure. I'm currently scanning with a newly created Norton Internet Security bootable CD. The scan takes a while and I don't know yet if it will fully detect and remove the problem. In case you're not familiar with it the virus blocks access to anti-malware apps, hides user data files and is active in SAFE mode. I can't find a way to get to the usual load points, such as "appdata" etc, to see find the virus EXE. I have booted with a rescue CD, but access to folders in the user profile is denied. Is there a removal FAQ for this one? TIA.

 

[Jacee]

See if the manual removal instructions here, will help Windows Vista Recovery and Windows 7 Recovery - Virus Solution and Removal

 

[Victek]

See if the manual removal instructions here, will help Windows Vista Recovery and Windows 7 Recovery - Virus Solution and Removal

Thanks for the reply. As it worked out the Norton Internet Security boot CD was able to find and remove the active malware (which included the TDSS rootkit). Afterward I had control of the desktop and was able to remove the remaining malware traces and undue the registry hacks in stages. In particular I found a tool called "Unhide.exe" which made the user data visible again. This was an interesting mess to unwind.

 

[James Colbert]

See if the manual removal instructions here, will help Windows Vista Recovery and Windows 7 Recovery - Virus Solution and Removal

Thanks for the reply. As it worked out the Norton Internet Security boot CD was able to find and remove the active malware (which included the TDSS rootkit). Afterward I had control of the desktop and was able to remove the remaining malware traces and undue the registry hacks in stages. In particular I found a tool called "Unhide.exe" which made the user data visible again. This was an interesting mess to unwind.

Thanks for posting back, Vivtek. Those googling for solutions will find this solution. In fact, I ran across this thread in a google search for the Vista Recovery virus to clean up a neighbor's laptop. And thanks to Jacee for her usual efficiency .

It's what makes it all work!

James