New
#11
It may also be a problem with your browser. Try another browser.
NOTHING appears to work!!! The Paperclip utility I see is supposed open up the BROWSE to where your upload is, well it does not give me that with 1 click, 2, or rt click and Open. I finally Manually copied them both but was too BIG to allow me to post it. Even ONE time trying one method or another after I grabbed one with Copy and went to Paste in message box to you - this time the PASTE was actually Highlighted [dark] so would have thought that it would actually paste - but NO it did not. WHAT to do......???
TKS michael
YOU hit it on da head - was the IE Browser- here ya be, finally:
FRST_15-11-2014_10-41-25.txt
Addition_15-11-2014_10-41-25.txt
WOW after 3 Hours of head banging.....HALLELUIA!
Glad you got it solved. I wish all problems were that simple.
A little story on the side - an hour ago I wanted to upload a video to Youtube using the IE. I could not connect to the uploader at all. After 3 tries I gave up.
Then the wife said: " Why don't you try another browser". I used Chrome and it worked perfectly - Daah, as if I could not have come up with that myself. LOL.
Hi all,
Feel free to Reset ie and Delete personal settings and test after,
Export Favorites to html file before resetting Internet explorer/ just to be safe.
https://www.sevenforums.com/tutorials/86795-internet-explorer-import-export-favorites.html
Tutorial of Resetting Internet explorer,
https://www.sevenforums.com/tutorials/1222-internet-explorer-reset.html
Accessing Internet Options from the Start menu search,
Reset process first opening Internet explorer
Manage add-ons applies to all versions,
http://windows.microsoft.com/en-us/internet-explorer/manage-add-ons#ie=ie-10-win-7
cygerized,
Has something like the above shown at some point? If not, is it possible for you to post a capture of the info presented?
Screenshots and Files - Upload and Post in Seven Forums
There are a few versions of this ransomware, and it is best to know what you are dealing with.
I'm sure DonnaB will stop by to analyze the FRST reports.
.
Last edited by cottonball; 15 Nov 2014 at 23:56.
Thank you all for helping out here. You did a great job! :)
Hi cyberized,
The team did a great job getting the files needed for review. I will be able to remove cryptowall-ransomware though the encrypted files cannot.
Your computer is heavily infected.
WARNING:
One or more of the identified infections is a backdoor trojan/rootkit.
This allows hackers to remotely control your computer, steal critical system information and download and execute files.
If the infected computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect it from the Internet until your system is cleaned. ALL passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. You should change each password by using a clean computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you will need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified as soon as possible due to the possibility of the security breach.
Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS.
Because your computer was compromised please read the following links:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When should I re-format? How should I reinstall?
To remove the infection, please do the following:
Download attached fixlist.txt file. You'll have to save it to your Downloads folder since that is where FRST(x64) is located.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Run FRST(FRST64) and press the Fix button just once and wait.
The tool will create a log (Fixlog.txt) in the Downloads folder. Please attach it to your next reply.
When done see if the issue is gone.
Next:
Please download AdwCleaner by Xplode and save to your Desktop.
- Double-click AdwCleaner.exe to run the tool.
Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.- Click the Scan button.
- AdwCleaner will begin. Be patient as the scan may take some time to complete.
- The contents of the scan results may be confusing. If you see a program name that you know should not be removed, uncheck the results and please let me know about it.
- Click the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
- After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
- Copy and paste the contents of that logfile in your next reply.
- A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Next:
Please run FRST (x64) again and attach the fresh log.
Thank you,
Donna :)
Hi cyberized,
Are you still with us here? Please follow the instructions in my last post and attach the resultant logs. We will do our best thereafter to see about getting your files decrypted.
Donna :)