« previous next »
Pages: [1]   Go Down

Author Topic: another weekendwarrior55.com  (Read 1110 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
another weekendwarrior55.com
« on: December 03, 2015, 07:35:58 PM »

Hi,
my computer is also infected with weekendwarriior55.com. I am sending you the required logs. Can you please help me?

Thanks




Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: another weekendwarrior55.com
« Reply #1 on: December 03, 2015, 08:12:54 PM »
Can you remember how you got this ?

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Download the attached  fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Scan with IDTool
 
Please download IDTool by Nathan and save the file to the desktop.
It will come as a zipped file, so you will need to unzip it. You may do it by right-clicking on it and choosing Extract All. Extract it to your desktop.
  • Enter the IDTool directory, right-click on icon and select Run as Administrator to start the tool.
  • IDTool needs Micorsoft .NET Framework environment to work properly, so if prompted to download & install it please agree
  • Wait patiently until the tool will collect necessary data
  • Once the main console is loaded, please press Rescan Computer and Generate a New Report.
  • When prompted at the main bar that Rescan is completed, press Generate Text Friendly Report for Forums.
  • Copy the entire content of the frame that appears. You may want to save it to a text file for your convenience
Please include that contents in your next reply.

FINALLY

Previous Versions
  • Right-click the file/folder and click Properties.
  • Click Previous Versions.
  • This tab will list all copies of the file and the date they were backed up.
  • To restore a particular version of the file, click Copy and select the directory you wish to restore the file to.
  • If you wish to restore the selected file and replace the existing one, click Restore
  • If you wish to view the contents of the file before restoring, click Open.
     
ShadowExplorer
  • Please download ShadowExplorer and save the file to your Desktop
  • Right-Click ShadowExplorer-0.9-portable.zip and click Extract All. Select your Desktop and click Extract
  • Right-Click ShadowExplorer.exe and select Run as administrator to run the programme.
  • You will see a drop-down menu with the shadow copies of all partitions and disks present.
  • Click C:\ from the drop-down menu.
  • To the right, pick a date prior to the infection from the drop-down menu.
  • To restore a whole folder, right-click on your desired folder and click Export. You will then be prompted as to where you would like to restore the contents of the folder to.
File Recovery Software
File Recovery Software may be able to recover the original file deleted by the infection. Please bear in mind, the more you use the machine after the files are encrypted, the harder it will be for the recovery software to recover your files.
Logged
Pages: [1]   Go Up
« previous next »