Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Child Pron Virus - server reloads...


  • Please log in to reply
3 replies to this topic

#1 Backupserver.ca

Backupserver.ca

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 23 October 2012 - 08:23 PM

So we got hit on two of our client's servers by that child porn virus / file encryptor.

Has there been any headway on getting a fix for the files lost to the .rar archives?

We have MOST of it backed up but there are some significant losses here.

Edited by Andrew, 23 October 2012 - 09:07 PM.
Mod Edit: Moved so the malware experts can see it better. - AA


BC AdBot (Login to Remove)

 


#2 Jimbob85

Jimbob85

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA, USA
  • Local time:07:41 AM

Posted 23 October 2012 - 09:23 PM

Take a chance at this post.

http://www.bleepingcomputer.com/forums/topic449398.html

If this is what you have on your servers there's not much hope.

If you have something different if you can give us a more precise name of the malware that would help.
Ghostbuster in training.

If I have not replied within 3 days please send me a PM. I won't reply on Sundays.

#3 noknojon

noknojon

    Aussie Addict


  • Members
  • 8,840 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:09:41 PM

Posted 23 October 2012 - 11:25 PM

Hello -

You can try to send a PM to Grinler >> http://www.bleepingcomputer.com/forums/user-3/grinler/ and describe any recent backup you have made of your system - Time, Date, Operating System, Etc - and there is a chance that he may be able to help you restore to your last backup / restore point -

If it is the severest version, this is about your only current hope - If you have never made a backup, you can lose all data and do a full clean reinstall -

NOTE - Please read http://www.bleepingcomputer.com/forums/topic449398.html and make a decision now -----------

Any others that read this should make a backup NOW as there is no other current way to decrypt the latest Ransom infection - -
A hard copy of your files seems to be the best version to be able to reinstall your data -

There are Antimalware people around the world trying to remove this without much chance -

You will not be able to follow this if you are totally encrypted, but your only hope is here >>
Please follow the instructions in ==>This Guide<== do steps 6-9

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Sorry for your loss -

Edited by noknojon, 24 October 2012 - 04:19 AM.

Thank You -

 

 - Windows 7 SP1 Home Premium Toshiba Laptop - Avant and user of Internet Explorer Browsers  - And I Use GOOGLE-

~ Remember to Press F5 as you may already have an answer waiting for you ..... If not .....The answer is always 42, or Reboot ~


#4 meeta

meeta

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 05 November 2012 - 09:24 PM

start windows in safe mode with networking and than go to start up programs setting and you will find it there, check to stop it running at start up and than clean it




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users