Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Ransomware issues? [Closed]


  • This topic is locked This topic is locked

#1
Waltzx2

Waltzx2

    New Member

  • Member
  • Pip
  • 1 posts
I was just browsing the internet when this little Java box pops up (I don't really know how to describe it, it pops up with information about your Java. It's white... I also use Opera... if that helps). I closed it (not a clue why it opened, I was only on youtube and it normally doesn't show up.) I then think (my memory is bad so please bear with me) something popped up saying Java wanted updating (I clicked no because it came out of no where and I usually close Jucheck.exe when I turn my computer on because it gets really slow when too many processes run). This is the point where Spybot - Search and Destroy pops up saying that an unknown publisher wants to make changes to my registry. Getting a bit miffed, I click no. It pops up again so I click no once more. Then suddenly Windows Explorer stops working and this thing pops up saying something along the lines of "Are you happy with this control panel?) I don't click anything as by this point I don't have a clue what's going on. This is when this thing pops up saying that I'm locked out of my computer by the government for downloading music and software illegally. A robotic voice also states it (it sounds like one of those text-to-speach things) and that I have to pay a fine to unlock it. Panicking at this point, I pull my laptop battery out and restart. I don't know what this is because I was able to boot in safe mode (without networking) and most things seem to say that you will be locked out of even safe mode. I've done a quick scan with Super anti-spyware but it didn't find anything. I'm sorry if I'm posting this wrongly but I'd really appreciate some help, thank you in advance!

I've also noticed in Programs and Features something called "JavaFX 2.1.0" and something else called "shortcircuit" I have no idea what they are or even installing them... could they be related?
  • 0

Advertisements


#2
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
Hi Waltzx2 and welcome at GeekstoGo!

I'm crooleeck and I'll try to help you. But first please notice that I'm not limitless, I'm not familiar with all software, I don't know everything. However, it has taken me years to learn what I know. I would be glad to help you.

Fight against malware is NOT instantaneous, most infections require several courses of action to completely eradicate. It's also time-consuming, so be patient! We all like to know final result, so if you have since resolved the issues you were originally experiencing, or have received help elsewhere, please post.

Note:
  • Please watch this topic.
  • Do exactly - step by step - what I wish for. Don't be afraid! If there's anything you don't understand, stop and ask!
  • Please don't run unsupervised tools or fix on your own without my direction - it can be dangerous.
  • You must reply within 3 days or your topic will be closed

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

Step 1:
Posted ImageOTL
OTL is currently our primary tool for searching key areas of the registry and other system locations for the telltale signs of malware. It generates a comprehensive log, and offers an initial diagnosis.

  • Download OTL to your desktop.
  • Double click on the OTL icon to run it.
    Posted Image
    Make sure all other windows are closed and to let it run uninterrupted.
  • Select: options:
    • All users.
    • 64-bit scan if appears.
    • Under Extra registry select Use SafeList
    • LOP Check
    • Purity Check
      Posted Image
  • Under the Custom Scan box paste this in:

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run scan button.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.
Posted Image

Step 2:
  • Download aswMBR to your desktop.
  • Double click the aswMBR.exe to run it.
  • Agreed to update.
  • Click the Scan button to start scan.

    Posted Image
  • On completion of the scan click Save log, save it to your desktop as asw.txt and post in your next reply.

    Posted Image
  • On completion of the scan click Save log, save it to your desktop and post in your next reply

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP