Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: FBI Ransomware

03 Jun 2013   #31
trampy

windows 7 home premium 64 bit
 
 

Sorry I fell asleep before I saw your reply,heres the new log




Attached Files
File Type: txt Result.txt (3.5 KB, 4 views)
My System SpecsSystem Spec
.
03 Jun 2013   #32
cottonball

Windows 7 Home Premium
 
 

trampy,

My apology for the delay. Real life stuff to do.

Since the following steps involve editing the Registry, please create new restore point before proceeding.
System Restore Point - Create
Select: Option Two

~~~~
Now, please download ESET's ServiceRepair:
http://kb.eset.com/library/ESET/KB%2...icesRepair.exe)
Save to the Desktop.
Double-click to run the downloaded file.

When the program runs, a prompt appears asking if you want to proceed.
Click: Yes

When the Services routine is Completed, you are asked to Reboot.
Click Yes to allow the reboot.

The tool creates a folder named CC Support on the Desktop.
Please provide the CC Support\Logs\SvcRepair.txt in your reply.

~~~~
Last, run the Farbar Service Scanner once again.
Select all the options.
Press: Scan
Please provide the new FSS.txt in your reply. (Check out the date to make sure you have the right one.)
My System SpecsSystem Spec
03 Jun 2013   #33
trampy

windows 7 home premium 64 bit
 
 

Sorry for taking so long had some things to do, here are the logs.


Attached Files
File Type: txt FSS.txt (2.8 KB, 4 views)
File Type: log SvcRepair.log (11.7 KB, 2 views)
My System SpecsSystem Spec
.

04 Jun 2013   #34
cottonball

Windows 7 Home Premium
 
 

trampy,

Let's merge a missing key into the Registry:

Please open Notepad by pressing the Windows key and the R key at the same time.
In the Open area, type: notepad
Copy and paste all the text inside the code box below to Notepad:

Code:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}]
"AutoStart"=""
In Notepad, go to File > Save As
Save the file to: Desktop
Save the file as: fixacn.reg
Save type as needs set to: All files

On the Desktop, double-click: fixacn.reg
When a box pops up, click: Yes
Confirm the key was added to the Registry
Click: OK

Restart the computer.

On the Desktop, right click fixacn.reg, and select: Delete
Also empty the Recycle Bin.

~~~~
Now, once again press the Windows key and the R key at the same time.
In the Open area, type: services.msc

In the Services console, make sure Security Center is there, and:
Startup Type is set to: Automatic (Delayed Start)
Service Status is set to: Started

Do the same for the Windows Update service.

When done, please run the Farbar Service Scanner once again, and post its FSS.txt report.


~~~~
Also download Security Check:
http://screen317.spywareinfoforum.org/SecurityCheck.exe
Save it to the Desktop.
Double-click SecurityCheck.exe and follow the onscreen instructions (on the black screen)
When done, a Notepad document opens automatically: checkup.txt

Please post the contents of checkup.txt in your reply.
My System SpecsSystem Spec
04 Jun 2013   #35
trampy

windows 7 home premium 64 bit
 
 

On the services list it doesn't say started foe either but when I open them on list it says they are started.


Attached Files
File Type: txt FSS.txt (2.0 KB, 6 views)
File Type: txt checkup.txt (1,018 Bytes, 4 views)
My System SpecsSystem Spec
05 Jun 2013   #36
cottonball

Windows 7 Home Premium
 
 

trampy,

The FSS report looks good now.


Security Check shows no AntiVirus program.
Please take action to install an AntiVirus program!!! <<--- Important!

The following free AVs are available:
Microsoft Security Essentials: Microsoft Security Essentials Download | Free Spyware Protection
Avast! Free: http://www.avast.com/free-antivirus-download
Avira AntiVir: Avira Free Antivirus 2013 | Download Best Free Antivirus Software
(Note - Avira may install a version of the adware/spyware Ask Toolbar. Suggest you Uncheck this option when installing).

Once done installing an AntiVirus program, run a Full scan, and post back on what it found, if anything.



Also take care of the following. It is a vulnerability that you cannot afford to have:
Java version out of date!
Please verify your version of Java, and, since it is outdated, proceed to update it:
Verify Java Version
When done, uninstall older versions:
How do I uninstall Java on my Windows computer ?
My System SpecsSystem Spec
05 Jun 2013   #37
trampy

windows 7 home premium 64 bit
 
 

Sorry the avast scan on reboot took about 3 hours, where can I find the log?
My System SpecsSystem Spec
05 Jun 2013   #38
cottonball

Windows 7 Home Premium
 
 

In avast!, press Scan Computer

There is an option there: Scan Logs
Click on it, and you get a new window with the Completed scans.

Your scan should be there.
My System SpecsSystem Spec
05 Jun 2013   #39
trampy

windows 7 home premium 64 bit
 
 

I hope this is the right log, its the boot log.


Attached Files
File Type: txt aswboot.txt (35.8 KB, 0 views)
My System SpecsSystem Spec
05 Jun 2013   #40
cottonball

Windows 7 Home Premium
 
 

Navigate to the following by right-clicking the Windows 7 orb and selecting Open Windows Explorer:

C:\ProgramData\Avast Software\Avast\report\aswBoot.txt

Click the > to the left of the following (in sequence):
Local Disk C:
ProgramData
Avast Software
Avast
report

In the report folder, look for: aswBoot.txt

It should open in Notepad.
My System SpecsSystem Spec
Reply

 FBI Ransomware




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Crypto Locker ransomware
I heard reports of a new piece of malware that is going around. This one is particularly nasty, It Encrypts all of the data on your drive and mapped network drives with a RSA 256 bit AES key. Once encrypted there is no way to decrypted. The only way to get the files back is from an off site backup...
System Security
How to get rid of MoneyPak ransomware infection
My husband's user account has been taken over by the FBI-MoneyPak virus and is currently unusable. The other two accounts on the computer are password-protected (his isn't) and seem OK for now. I ran Windows Security Essentials and Malwarebytes scans from my account and they detected nothing. How...
System Security
help needed ransomware
Firstly hi all.A few nights ago I was stung with the met police operating system locked,screen it looked a it iffy but I still panicked,with being quite a newbie with pc's,not knowing at the time, what it was my first reaction was to do a full,system recovery back to factory settings,it was lucky...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:52.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App