Hello Dragons Point, welcome to Bleeping Computer's Malware Removal forum!
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
Please read through the points below to ensure this process moves as quickly and efficiently as possible.
- Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
- Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
- Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.
- If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
- Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
- I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean".
- Ensure you are following this topic. Click at the top of the page.
Can you please help me get rid of the and retrieve the documents?
We can clean your computer, but recovery of files encrypted may not be possible I'm afraid. Whilst there are options we can explore, unfortunately there are no guarantees.
Please run the following diagnostic scans so I can ascertain the state of your computer.
Farbar Recovery Scan Tool (FRST) Scan
- Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
- Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
- Right-Click FRST.exe or FRST64.exe and select Run as administrator to run the programme.
- Click Yes to the disclaimer.
- Ensure the Addition.txt box is checked.
- Click the Scan button and let the programme run.
- Upon completion, click OK, then OK on the Addition.txt pop up screen.
- Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
- Please download TDSSKiller and save the file to your Desktop.
- Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
- Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
- Click Start Scan. Do not use the computer during the scan.
- If objects are found, change the action to skip.
- Click Continue and close the window.
- A log will be created and saved to the root directory (usually C:\). Attach (not copy/paste) the file in your next reply.
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
- TDSSKiller log (attached!)