deraconteur 0 Report post Posted May 3 Good day, developers! Please my notebook is infected with a ransomware. I have run the two applications and here are the reports. Please can you help me? The files that are encrypted are very important to me. Thank you. FRST.txt Addition.txt scan_200502-202711.txt Quote Share this post Link to post Share on other sites
Amigo-A 135 Report post Posted May 4 Yes, malware is active on your system and loads with it. First you need to leave only one antivirus in the system. It must be 100% active and updated. It can be avast or Emsisoft Anti-Malware. This is necessary so that the antivirus switches to 100% protection mode. You also need to remove Hacktool.KMSAuto. While it is in your system, it can be the source of one of the infektsitsy or contain a backdoor or downloader. Quote Share this post Link to post Share on other sites
Amigo-A 135 Report post Posted May 4 After completing these steps, make a new scan and attach new logs to the your new message. Forum support specialists will tell you what to do next. Quote Share this post Link to post Share on other sites
GT500 835 Report post Posted May 5 On 5/2/2020 at 11:00 PM, deraconteur said: Please my notebook is infected with a ransomware. I have run the two applications and here are the reports. Please can you help me? The system is infected with a rootkit. I'm going to talk to other members of our team to verify which rootkit we're dealing with here before I try to help you remove it. Quote Share this post Link to post Share on other sites
GT500 835 Report post Posted May 6 @deraconteur please download RogueKiller by Adlice Software and move/copy it to your Desktop (don't open or run it from your web browser). Right-click on the RogueKiller icon you copied to your Desktop and select Run as Administrator. Select the language to use during the RogueKiller installation. Click on Next to continue the installation. Follow the on-screen prompts to install RogueKiller. When the installation is complete, click Finish. RogueKiller will launch automatically. Accept the license agreement, then click the Scan button in the left pane. Under the Standard Scan header, click Start to begin the scan. When the scan is complete, click the Report button. Do not click "Removal"! Click Export > Text file. Save the report to your desktop as RogueKillerLog.txt Click OK, then close RogueKiller. Attach the RogueKillerLog file to a reply for me to review. Note: The above instructions were borrowed from BleepingComputer.com, so if they are not up to date them please let me know and I will try to update them for you. Quote Share this post Link to post Share on other sites
