Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't remove ransomware with any traditional methods


  • This topic is locked This topic is locked
7 replies to this topic

#1 Shadow Wizard

Shadow Wizard

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:02:10 PM

Posted 28 January 2013 - 01:30 PM

I have a particular nasty version of one of these ransomeware viruses on a customers computer. But none of the traditional methods work.
I boot into safe mode with networking (or without) and the computer just reboots.
I place the HDD in an non infected computer and run malwarebytes, and it doesn't find it.
I create a hitmanpro kickerstarter USB key, and boot off of it, and it finds 2 infected files. I remove them manually, and the virus is still there.
I try and do a system restore to an earlier point, and it fails.
Obviously I have no logs I can post, and cannot run any programs on this computer, I am at a total loss as to what to do.

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 AM

Posted 28 January 2013 - 09:21 PM

I'll report this topic to appropriate helpers.
Hold on...

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 lmbee59

lmbee59

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:10 PM

Posted 28 January 2013 - 11:55 PM

Deleted this post....misread SW's post and didn't realize the options I gave are the ones he had tried and didn't work. sorry!

Edited by lmbee59, 29 January 2013 - 12:00 AM.


#4 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 PM

Posted 29 January 2013 - 08:48 AM

Hi ShadowWizard,

My name is etavares and I'll be helping you with this issue. First things first, what version of Windows is installed on this system? It will change our approach. Also, can you boot into Safe Mode w/ Command Prompt? Or the same reboot issue?

I'm also moving this to the Virus Removal forum since we'll need log files and this is definitely an infection.

-etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#5 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 PM

Posted 01 February 2013 - 08:21 AM

Hi, do you still need help?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#6 Shadow Wizard

Shadow Wizard
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:02:10 PM

Posted 01 February 2013 - 03:18 PM

Sorry.
Despite the fact it said the system restore failed, it actually did restore the system, and it was removed.
Thank you anyway.

#7 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 PM

Posted 02 February 2013 - 06:54 AM

Thanks for letting us know.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#8 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 PM

Posted 02 February 2013 - 06:54 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users