Help to sniff a virus ransomware attack

Hello, my name is Erick. I wish the Wireshark team a good day. I urgently need support. I was attacked by a djvu ransomware virus variant with the fgnh extension and an online key ID. I have this virus infection on a Windows 10 64-bit flat laptop, with Wi-Fi only. I already installed Wireshark in safe mode. But when I boot Windows 10 64-bit in normal mode, Wireshark doesn't open and doesn't let me scan the Wi-Fi network to capture the attack packets.

I saw that the virus doesn't affect the Windows system folders.

If some support agent could help me find a way to open Wireshark and scan packets, to get the key and test it with a decryptor, I would be very grateful.

I could share more info about the virus, if somebody has knowledge of encryption.

God bless you. Sincerely, Erick

ystudio
asked 2022-03-08 00:30:22 +0000

1 Answer

Running Wireshark on a compromised machine to capture traffic seems a bit pointless to me; how do you know that the malware isn't spoofing the traffic?

If the aim is to remove the malware, please locate a suitable support channel for that, e.g. the Bleeping Computer malware removal forum.

If the aim is to use Wireshark to investigate the malware traffic, then the compromised system should be isolated and Wireshark used on a known clean system to take the captures, e.g. by using a switch and mirroring the traffic.

grahamb
answered 2022-03-08 08:40:47 +0000