Jump to content

Trojan:Win32/Sabsik.FL.A!ml, how to fix this

iamscared
 Share

Recommended Posts

Maurice Naggar

Maurice Naggar

Posted
Posted (edited)

Hello @iamscared

My name is Maurice.  What nickname do you go by ?

Please understand that Malwarebytes has no decrypter tool of any sort for files damaged by ransomware.  I am curious as to a couple of things.

Is there actual messages for payment by crypto-coins ?   Can you get a screen grab possibly ?   CTRL-key + Printscreen key

Are some documents or image-files changed with odd looking Extensions in their file-names ?

Most important, exactly what security program is reporting finding    win32/sadsik.fla!ml   ?   Is that the Microsoft Defender antivirus ?  or is it another antivirus ??

Elsewhere you mentioned having run Farbar FRST

Please then attach the FRST.txt   +  Addition.txt   here in a reply to this thread here.

  • To attach  ( upload )  attachments please click the link as shown below. Then browse to where your file is located and select it and click the Open button.

_mb_attach.jpg

 

NOTE:  IF the machine is truly hit by encrypting ransomware, we cannot get those "cured".   Malwarebytes has no decrypter.

In cases like those, the best way to recover damaged files is from a prior Backup.

Edited by Maurice Naggar
Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted (edited)

Getting the Farbar FRST reports would be very helpful. Be sure to do that.

The closest I can find at Microsoft Security about the detected trojan is one classified as Trojan:Win32/Sabsik.FL.A!ml

That is a malicious trojan.  MS does not indicate that this ia a "ransomware".

I would urge you to make time and be real sure to run this next special tool.  And right before you actually press the "scan" that you Close all web browsers.

Next steps.

Please  set File Explorer to SHOW ALL folders, all files, including Hidden ones.  Use OPTION ONE or TWO of this article

https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html

.

[   2    ]

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Look on Scan Options & select FULL scan.

Then start the scan. Have lots of patience. It may take several hours.

 

Let me know the result of this.    This is likely to run for many hours   ( depending on number of files on your machine & the speed of hardware.)

The log is named MSERT.log  

the log will be at  

C:\Windows\debug\msert.log

Please attach that log with your reply.

Edited by Maurice Naggar
corrected link to tenforums for #1
Link to post
Share on other sites
  • AdvancedSetup changed the title to Trojan:Win32/Sabsik.FL.A!ml, how to fix this
  • 2 weeks later...
  • 3 weeks later...
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.