
Ice Cyber Crime Ransom Virus [Closed]



#46
unique101sd


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/24/2014
Scan Time: 12:31:36 AM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.24.01
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Andre Stone

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 277924
Time Elapsed: 7 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Josh, I never received notification to "quarantine all." I had to export the report and then copy and paste. I could not use the button that said "Copy to clipboard." I hope I did it correctly.




#47
unique101sd


Attached File  HtmlReport.zip   306.78KB



#48
unique101sd


Restore Point was successful



#49
unique101sd


I got a message that said "Disk Management - The Logical Disk Manager service is disabled. A connection cannot be established. Unable to connect to Logical Disk Manager service."



#50
unique101sd


The system list was topped with 3 error messages with a red x. They were followed by information/warning entries.



#51
Crag_Hack


    Trusted Helper

  • Malware Removal
  • 1,775 posts

How about Windows Update? Also, have you paid for MBAM premium protection? It looks like you're clean now. Let me look into the disk management thing real quick.



#52
Crag_Hack


For disk management let's try this:

 

  • Go to start menu
  • Click control panel
  • Open administrative tools
  • Open services
  • Double click the Logical Disk Manager service
  • Set startup type to Automatic
  • Click the Start button


 

Then follow the same steps as before and let me know what happens:

 

  • Go to start menu
  • Click control panel
  • Open administrative tools
  • Open computer management
  • On the left side click disk management and let me know if it succeeds or if you get an error message (you should see your hard drives on the right side)
  • Close disk management


#53
unique101sd


Hi Josh,

 

I was able to do the Windows update. It seemed to process and update without any problems. However, when I attempted to repeat the process, it keeps opening Internet Explorer and asking me to activate ActiveX. Should I do that?

 

Also, when I was looking for the Kaspersky Html zip folder, I came across a folder named Crypto. Should I leave that folder alone?



#54
Crag_Hack

> it keeps opening Internet Explorer and asking me to activate ActiveX. Should I do that?

 

If you are following the link from the start menu programs folder, yes, you should activate. Make sure you're following that link though.

 

> Should I leave that folder alone?

 

Yes, leave that stuff alone.

 

The only thing left to do is fix disk management, which isn't terribly important; it's not essential to the functioning of Windows. After that, use your computer for a day or so and let me know if everything is functioning properly. If so, I will give you my all clean speech to clean up the utilities we used and then important information on how to stay safe in the future. We win!



#55
unique101sd


Hi Josh,

 

I am currently running the 30 day trial of MBAM. I am going to upgrade to a premium package. 

 

I was able to complete the disk management and see the hard drives as you mentioned.

 

Josh, it seems as though my computer is processing very slowly though? Is that typical? Also, Google Chrome seems to get stuck and say "Would you like to kill the page or wait for further processing?"




#56
unique101sd


Josh,

 

I've noticed that when I'm shutting my computer down, I get a message that says kss.exe not responding - end now. Should I be worried about that?



#57
Crag_Hack

> Josh, it seems as though my computer is processing very slowly though? Is that typical? Also, Google Chrome seems to get stuck and say "Would you like to kill the page or wait for further processing?"

 

Your computer should be as fast as it was before the infection. Your scans are coming up clean, so I'm inclined to believe your computer is clean unless you have some tricky rootkit or a new malware variant, both of which I think are unlikely. What is going slowly? You can also check which program is using your CPU by right-clicking a blank area on the taskbar and clicking Task Manager. The Performance tab will tell you how much of your CPU is being used in the CPU Usage meter. If it's consistently high, like more than 90%, something's definitely using your resources. You can see which processes are using how much CPU by going to the Processes tab and then clicking the CPU column header twice, which will put the most demanding processes on top of the list. If you see a process other than System Idle Process that is using lots of resources, let me know so we can investigate. Also, you can go to the Performance tab in Task Manager and investigate your memory usage under the Physical Memory (K) section. If the Available memory is less than 100000, that would indicate a performance issue as well, so let me know.

 

> I've noticed that when I'm shutting my computer down, I get a message that says kss.exe not responding - end now. Should I be worried about that?

 

Don't worry about that, that's just Kaspersky Security Scan. You can remove it by going to the start menu --> control panel --> add or remove programs --> select Kaspersky Security Scan and click remove.



#58
unique101sd


Hi Josh,

 

My computer is still very sluggish. It takes quite a bit of time to launch Google Chrome. Per your instructions, I have noted the following:

 

  • CPU usage is consistently at or around 99.
  • Available physical memory fluctuates at 846000


#59
Crag_Hack


So if Task Manager says CPU usage is at 99 in the Performance tab, the next step is to go to the Processes tab and figure out which process is hogging the resources. You can see which processes are using how much CPU by going to the Processes tab and then clicking the CPU column header twice, which will put the most demanding processes on top of the list. If you see a process other than System Idle Process that is using lots of resources, let me know so we can investigate.



#60
unique101sd

 
The site's security certificate is not trusted!
You attempted to reach 1.1.1.1, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications.
You should not proceed, especially if you have never seen this warning before for this site.
Proceed anyway Back to safety
 
 
Josh, 
This is the message that I get when I try to open Google Chrome. After 2 or 3 attempts, and some waiting, it eventually opens up. Should I be worried about this?
 
The only demanding process that I see on the list is System Idle Process.

 

