Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible trojan or rootkit after infection


  • This topic is locked This topic is locked
3 replies to this topic

#1 Kelta

Kelta

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 13 March 2018 - 11:06 AM

Hi,  This is my first post.  I am running Win10 Pro and have some experience of having dealt with virus infections. 

 

About 3 weeks ago, I experienced a possible ransomware attack that I picked up when visiting a compromised website.  The attack was unusual in that it immediately posted a screen warning me to not switch off my computer and I seem to remember their being vocal instructions.  I immediately hit power-off and then rebooted into safe-mode.  Could not identify any damage to files, so took backup of all user files (D: drive) updated since last backup and then reinstalled Win10 (C: drive), restored backed-up user files and overlaid any user file updates.  

 

I have noticed over last 3 days that when I restart my machine after it having hibernated, that it takes a very long time to restore with a blacked out screen.  As it happens I have been updating my toolkit and thought I would run a couple of scans in case.  So far I have run GMER, aswMBR and PC Hunter and all have abended.  Scanning with Stingerand TDSS Killer  found nothing. So I think that I may need a little assistance.  I have a current OTL list that I can post or anything else that is required.

 

 



BC AdBot (Login to Remove)

 


#2 Kelta

Kelta
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 14 March 2018 - 10:05 AM

Having reviewed some FRST logs, I realise that instead of a Win 10 clean install, I recovered using a backup and then overlaid user data files.  Please regard this request as closed.  Apologies if I have wasted anyone's time.



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,984 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:42 AM

Posted 14 March 2018 - 03:59 PM

Thank you for letting us know.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,984 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:42 AM

Posted 14 March 2018 - 03:59 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users