Hi. A friend of mine has a laptop he was having some issues with (running slow, etc.), so he gave it to me to look at. Before he gave it to me he ran CCleaner and Defraggler, thinking he could fix his issue.

He uses Avast antivirus free and Malwarebytes Pro for protection. I noticed both programs were alerting the user to malicious programs and blocking them. I first ran Malwarebytes and it discovered Trojan Bedep (Nativehooks.dll), Rootkit Fileless MT Gen, and Trojan Clicker FMS. I then ran AdwCleaner and noticed under the Files tab instances of Cryptowall, but they were all just the HTML, PNG, URL, and TXT instances... notifying the user they have been hit by Cryptowall and how to pay, etc. The odd thing is none of his pictures and documents are encrypted... nothing is encrypted as far as I can see.

I was just going to do my usual run of Malwarebytes, AdwCleaner, SUPERAntiSpyware, Junkware Removal Tool, and Kaspersky Rescue Disk to address his laptop, but now I am curious... why are his files not encrypted? I have stopped my disinfection of his laptop at Malwarebytes; I have NOT let AdwCleaner do anything at this point except for detection. I would like to learn something from this situation, especially why his files did not get encrypted, and of course it does need to be cleaned, so... where do we go from here to find out more about this? If I have to transfer files (logs) via a flash drive from his computer to mine to do this, is there any way I can spread something from his computer to mine? Maybe I could just burn the log files to a CD-ROM? Help with this is appreciated!