nuscher143
-
Posts
73 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by nuscher143
-
-
You can't make this stuff up. I have been working on it all day running in to one issue or another. Once I get one thing fixed there is another. I have not been able to restore back to factory settings. Then my battery was dying so I plugged in AC adapter and it is not charging. The AC adapter works in another computer. I don't have another laptop to charge the battery in. I am giving up. Thank you for all your help. I guess this will go in the grave yard with all my other old computers/laptops.
-
You said the virus is gone and won't spread? It appears to be live and thriving.
What do I need to do to restore to factory settings?
Are there drivers I need to save? What would you recommend?
-
I am in the process of moving a lot of files over to an external drive. I did not want to test the computer until I was sure that my untouched files were moved over safely. I do not think the virus is gone because last night after we restored the registry I did a search for the exe files that were causing the problems and they were still in the registry. After these files move over I will boot the computer in normal mode connected to the internet and let you know. I am moving 103G of info so it may take some time. Thank you for your patience.
-
Throw the computer out the window into the water and buy a new one as I am sure you want to do to me
I am in the process of making sure that everything I want is off of the laptop. Thankfully the files and folders that were encrypted I have backed up and on another computer and the other files I am putting in 1 folder and will put on an external drive. I would like to make sure that all of those files are free of any virus so that I don't reinfect the laptop.I also would like is to get the computer back to working order without the virus. With the registry restored to an earlier date does that mean that virus is gone or am I setting the laptop back to factory settings and starting all over?
-
so now what?
-
ok so I ran FRST64 and attached is the log after the fix
-
yes bad_system_config_info I went on some HP forums to see how else I could get in to the recovery section and I am able to at the moment so I am trying to do what you said.
-
sort of. F8 doesn't work with my laptop. I have to hit esc then I get a menu and F11 gets me to the recovery/repair menu. That is how I was doing it yesterday. But now when I choose F11 I get that blue screen message
-
I can't get into recovery mode. I get that blue screen. What am I doing wrong?
-
I can't run recovery anymore I get a blue screen. Like I described last night Bad_system_config_info
Also in cc cleaner I thought it asks you for the registry back up before you do delete.
I have attached the 2 files from getting as far as I could from your instruction.
What should I do next?
-
When you use cc cleaner and do a registry clean it asks if you want to back up your registry. That is how I backed it up.
How do you want me to use FRST to set the registry back to 6/15...and where is that back up from 6/15? I will check in the morn for your answer. Thanks.
-
I apologize for the long delay before responding however I was very busy today with work. I used cc cleaner and backed up registry that way. Is there a way to use a registry back up from cc cleaner to restore.
-
How do I install or set back my registry to an earlier date. I do not have any restore points but I do have a registry backed up as of June 1. I tried going into regedit and clicked import and imported that file but that didn't seem to do anything.
-
Here you go
-
ok I feel like a real idiot. I am trying to copy and paste the results and it is not working. I have tried all 3 of the icons above for paste I have tried, edit copy and paste I have tried ctrl c and ctrl v and I have done this on more than 1 computer. Can I create a pdf and attach and send?
Also of note..if I start my laptop in normal mode and disable the internet the dllhost does not propogate. And when I looked in services in task manager and I see Cryptoservices as a service that automatically starts. I am assuming that this has to do with this virus but you can't stop the service.
Please let me know how I can copy the results to you.
-
last question for the night...is it possible to just restore a backed up registry to get rid of the problem?
-
OK I have a lot of pictures on this laptop. It is going to take me some time to get them off. Thanks.
Will fill you in tomorrow.
-
ok if I need help is that something you can help me with? Is there any danger saving my files that have not been infected? Also I do not even know how I got this. I do not get email on this computer and I didn't download or click on anything recently. UGH.
-
So is this saying there is no way to get rid of this except to set my laptop back to factory settings?
-
told you what? about the files? I am noticing a bunch of files with that date and time. Some of them real files of mine that can't be opened and I did not look to see if I can find them in their correct spot that can be opened. I will try to download the file above and let you know what happens.
-
I don't know if this will help or not but I noticed that on 6/17/14 around 10:17pm is when this virus infected my computer. When I was trying to do the removal myself I found some txt files that talk about what happened to your files? And it goes on to say that they were protected by a strong encryption...blah blah blah. I can attach one of the files if you want but didn't want to risk infecting this computer or yours. It all points to that string D98DC1B67B00E6685B4D6BE175F855. I do remember on one of the scans D98DC1B* showing up. I had searched the registry through regedit to find all the instances of that and deleted it. Also in my research it said something about cryptowall or something like that virus. There were a bunch of exe files that were in run and I had deleted those as well.
I don't know if I am making sense. I do have backup registries I have one from June 1. Is there a way to just turn back the registry to June 1?
-
when I try to download to my flash drive on the "clean" computer my Norton is saying that the download is a Trojan.gen.2 virus. Should I shut off Norton and try again?
-
The original issue. The computer does not respond or takes a very very long time to respond. If I run task manager in normal mode dllhost.exe*32 and in description it says COM Surrogate is running many times and is eating up memory and CPU. Even if I end process it comes right back
-
Horrible. Same issue is going on.
I am in the process of making sure that everything I want is off of the laptop. Thankfully the files and folders that were encrypted I have backed up and on another computer and the other files I am putting in 1 folder and will put on an external drive. I would like to make sure that all of those files are free of any virus so that I don't reinfect the laptop.
dll host surrogate
in Resolved Malware Removal Logs
Posted
I can't even charge it. I have reached out to a friend who fixes computers to see if he can check out the AC adapter plug on the computer not the plug itself.