Ransom-ware

[edkaeser]

Thanks for any help!!!

I have attached a the FRST.TXT file from last run

Ed Kaeser

 

[Fiery]

Hi there,

FRST doesn't work normally in normal mode and we can't perform any fixes in it. We will have to use another tool.

Please print these instruction out so that you know what you are doing

• Download OTLPE from here to your desktop
• Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
• Reboot your system using the boot CD you just created.
  Note : If you do not know how to set your computer to boot from CD follow the steps here
• Wait for the CD to detect your hardware and load the operating system
• Your system should now display a Reatogo desktop
  Note : as you are running from CD it is not exactly speedy
  While in OTLPE, double click the OTLPE icon.
  
• Select the Windows folder of the infected drive if it asks for a location.
• When asked Do you wish to load the remote registry, select Yes.
• When asked Do you wish to load remote user profile(s) for scanning, select Yes.
• Ensure the box Automatically Load All Remaining Users is checked and press OK.
• OTL should now start
• Check the boxes beside LOP Check and Purity Check
• Press the Run Scan button
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to a USB drive if you do not have internet connection on the system.
• Please attach the content of OTL.txt in your next reply.