Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Toshiba lap top infected with ransomware


  • Please log in to reply
21 replies to this topic

#1 PC rage

PC rage

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 09:19 AM

Was discussing my Toshiba lap top being infected with the FBI ransomware in another thread http://www.bleepingcomputer.com/forums/topic470453.html and was directed by member narenxp to initiate a new thread

Thank you in advance narenxp for any assistance you may be able to provide :thumbsup:

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 PM

Posted 02 October 2012 - 09:23 AM

Can you boot into safemode with networking?

#3 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 09:31 AM

not sure what that means

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 PM

Posted 02 October 2012 - 09:38 AM

Press F8 on bootup


Posted Image

Select safemode with networking

#5 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 09:39 AM

:o doing that now ....... done :thumbup2:

Edited by PC rage, 02 October 2012 - 09:40 AM.


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 PM

Posted 02 October 2012 - 09:42 AM

If you dont have pop up

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#7 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 09:51 AM

I clicked on the TDSSkiller & then it has an icon at the lower left that says Clear List

Edited by PC rage, 02 October 2012 - 09:53 AM.


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 PM

Posted 02 October 2012 - 09:53 AM

Follow my instructions.Ignore other stuffs.

#9 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 09:57 AM

it is showing as currently downloading; is there an approximate time frame for it to download

#10 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 10:06 AM

I selected Detect TDLFS file system, ran a scan, and it processed 444 objects, with 0 threats

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 PM

Posted 02 October 2012 - 10:21 AM

Finish all the scans and post the logs together.You need not update here on status unless you have issues running the scans. :thumbup2:

#12 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 10:24 AM

OK

tried running the ESET but it was asking for a proxy address?

#13 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 10:36 AM

when I tried running the aswMBR it had an AVAST engine download error

does that mean it cannot get the latest definitions?

#14 PC rage

PC rage
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2012 - 10:42 AM

the ESET states, "cannot get update. Is proxy configured?"
ESET online scanner installation consists of three steps.
1. component download
2. component registration
3. start

use custom proxy settings - Configure

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 PM

Posted 02 October 2012 - 10:47 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users