Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Infection


  • This topic is locked This topic is locked
59 replies to this topic

#16 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 15 December 2012 - 12:37 PM

No I did not notice that. Thanks for pointing it out. I will try to get those steps completed next week and get the report sent over to you. Enjoy your time off.

BC AdBot (Login to Remove)

 


#17 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,793 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:11:29 AM

Posted 15 December 2012 - 01:16 PM

Thanks, hope to hear from you soon. :busy:

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#18 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 18 December 2012 - 01:01 PM

Cody,

Just wanted to let you know I have not forgot about this. I am hoping to be able to try to do some things this Thursday night. I will be in touch. Thanks.

#19 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,793 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:11:29 AM

Posted 19 December 2012 - 02:46 PM

Hello Chiefsbro,

Thank you for the update.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#20 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 20 December 2012 - 01:33 PM

I am having issues getting someone to download the needed programs to run on my "sick" computer. I hope to have something by Saturday. Thanks for your paitence.

#21 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,793 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:11:29 AM

Posted 20 December 2012 - 10:24 PM

I'll be here. :thumbup2:

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#22 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 22 December 2012 - 02:22 PM

Ok. So I have the CD and flash drive. I have gotten all the way to expanding mnt. When I do this it opens a folder for sda1. After that I am unable to find anything that says sdb1 or anything remotely matching that. There are many files and I am unable to locate the one that represents my USB. Any suggestions on where else to look? I am stumped as of now. Sorry for the trouble. Thanks.

#23 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,793 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:11:29 AM

Posted 22 December 2012 - 06:17 PM

Hello Chiefsbro,

Are you sure you have the USB drive plugged into a working USB port?

sda1 usually represents your harddrive, not the USB drive we need. Try repeating the steps to see if xPUD recognizes the USB drive when you do it a second time.

You can also try taking out the USB drive, waiting a few seconds, then plugging it back in and seeing if it's recognized.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#24 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 22 December 2012 - 06:51 PM

I think I have it. How do I get it posted on here. I copied and pasted it into Word but the site wont allow me to "upload this kind of file" Can I just email it to you?

#25 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 22 December 2012 - 07:22 PM

Try this. I think I got it.

Attached Files



#26 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,793 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:11:29 AM

Posted 23 December 2012 - 12:22 PM

Hello Chiefsbro,

Yes, that's it.

I will reply as soon as possible with your next set of instructions.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#27 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 23 December 2012 - 07:54 PM

Sounds good. Thanks.

#28 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,793 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:11:29 AM

Posted 25 December 2012 - 06:16 PM

Hello Chiefsbro,

Please boot into xPUD as you have done previously.

Please navigate to the following directory: c:\users\<username>\appdata\local

Please note all the files [not folders] contained here and enter them in a vertical list in your next reply.

---------------------------------------

Next, please disconnect the Ethernet cable from your computer.

Then power off or disconnect the power cable from your router.

---------------------------------------

Please let me know if the screenlocker is still present when you boot into Windows.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#29 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 26 December 2012 - 08:07 AM

Thanks Cody. I will try this as soon as I have a chance. I am working again with a busy week ahead. It may be the weekend again before I am able to try this. I will try to remember to post something telling you my status later in the week. I am hoping to have time Friday evening. Thanks.

#30 Chiefsbro

Chiefsbro
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:29 AM

Posted 28 December 2012 - 08:51 AM

I am going to give this a try tonight.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users