.

Please Help

<<

scott88

Newbie
Newbie

Posts: 2

Joined: Thu Dec 08, 2011 11:06 am

Post Thu Dec 08, 2011 11:21 am

Please Help

Please Help!!!

On Tuesday night i ended up with the win32\cryptor virus on my PC where it closed down everything on it, i have since then managed to get the internet back after running MBAM and clearing all noticable viruses, but when running it in Safe Mode i noticed that i am now not the Administrator even thow when run in normal mode it says i am.

Is it possible to fix this? and can i get my files back, as i have some pictures of centermental value i would love to get back. when i run a scan i can still see the files for these but cant get to them. ??? :'(
Last edited by scott88 on Thu Dec 08, 2011 11:46 am, edited 1 time in total.
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Thu Dec 08, 2011 11:33 am

Re: Please Help

This probably isn't the best forum to get help with cleaning an infected computer (as my first reaction is to direct you to format the drive), but I'll try to help as much as I can.

I would try to use the instructions found here:
http://www.bleepingcomputer.com/combofi ... e-combofix
If you're unable to download the tool on your computer, download it on another computer and copy it over with a USB drive. If that doesn't help, they have (in my opinion) the best forum for troubleshooting this type of issue.

Good luck!
Put that in your pipe and grep it!
<<

scott88

Newbie
Newbie

Posts: 2

Joined: Thu Dec 08, 2011 11:06 am

Post Thu Dec 08, 2011 11:35 am

Re: Please Help

Will try.  Thanks
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Thu Dec 08, 2011 12:33 pm

Re: Please Help

Pull your data off and re-format.
<<

millwalll

Post Mon Dec 12, 2011 6:59 am

Re: Please Help

The chances are the virus has marked the folder as hidden. If you boot into safe mode run mbam making it sure its up to date once this has done. You will then need to go to view folder options show hidden files then if you go to my picture you see the folders marked as hidden click prop ties and unhidden
<<

r2s

User avatar

Newbie
Newbie

Posts: 49

Joined: Thu Sep 16, 2010 6:14 pm

Location: USA

Post Mon Dec 12, 2011 8:32 am

Re: Please Help

In progress: OSCP & GXPN (June)
"Silence enables the sound to be" - Eckhart Toll
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon Dec 12, 2011 11:55 am

Re: Please Help

r2s wrote:One of the best resources I've ever used:

http://www.hiren.info/pages/bootcd
http://www.hirensbootcd.org/download/


+1.  I discovered Hiren's BootCD earlier this year, love it.  It's great having all the tools right there.
GSEC, eCPPT, Sec+
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Mon Dec 12, 2011 12:05 pm

Re: Please Help

r2s wrote:One of the best resources I've ever used:

http://www.hiren.info/pages/bootcd
http://www.hirensbootcd.org/download/


Thanks for this, adding to my tool collection!
Put that in your pipe and grep it!
<<

jsloan1223

User avatar

Newbie
Newbie

Posts: 20

Joined: Tue Apr 24, 2007 3:46 pm

Location: North Dakota, USA

Post Mon Dec 12, 2011 1:21 pm

Re: Please Help

I second the comment for www.bleepingcomputer.com
Good luck to you.

Return to Malware

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software