Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! PC blocked! Need to pay $100 to MoneyPak?


  • Please log in to reply
4 replies to this topic

#1 HELP?!?!

HELP?!?!

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 09 June 2012 - 05:53 PM

Hello,

HELP! HELP! HELP!

On June 9th, I woke up in the morning and turned on my computer as usual and JUST when I logged in my ENTIRE Screen becomes this alert from the "Computer Crime & Intellectual Property Section" of the "United States Department of Justice". This message covers my screen like a screensaver, there is no "X" out button or anything.

Here is what the message says:

ATTENTION!!!
Your PC is blocked due to at least one of the reasons specified below.

You have been violating Copyright and Related Rights Law (Videos, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright Clause which states.

To unblock the computer, you must pay the fine through MoneyPak of $100.
How do I unlock computer using the MoneyPak?

1. Find a retail location near you.
2. Look for a MoneyPak in the prepaid section. Take it to the cashier and load it with cash $100. A service fee of up to $4.95 will apply.
3. To pay fine, you should enter the digits MoneyPak resulting code in the payment form and press OK.




I've done some searching around on the net and I've found that Green Dot MoneyPak has been used in frauds, randsomeware, and spam. I don't think this is real and I do not want to make a fraud payment.

When I use safe mode on my computer, this message does not appear and my computer functions normally. Also, I have other computers that use the same wireless network as my "infected" computer and none of them show this message during any time. This all seems really fishy and I REALLY NEED SOMEONE TO HELP ME WITH THIS! Please send me your thoughts and advice!

BC AdBot (Login to Remove)

 


#2 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:01:16 AM

Posted 09 June 2012 - 11:23 PM

Welcome to the forum!

Let's see what the following short scan shows...

Please download RogueKiller

•When you get to the website, go to where it says:
(Download link) Lien de téléchargement: Posted Image
•Click the dark-blue button to download.
•Save to the Desktop

•Close all windows and browsers
•XP: Double-click the program to run it
•Vista/seven: Right-click and select 'Run as Administrator'
•Press: SCAN
•A report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.

Note:
If RogueKiller is blocked, do not hesitate to try running it again.
If it still fails to run, right-click on the downloaded icon and select: Rename
Then, rename it to winlogon.exe and try again.


If you cannot download, but can run programs, instead of downloading the program requested to the problem computer, download it to a clean computer.

Next, save it to a USB flash drive (or SD Card), move it to the Desktop of the infected computer, and run the program as described at the beginning of these instructions.

Old duck...


#3 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:01:16 AM

Posted 09 June 2012 - 11:23 PM

See if you have the Directory Service Restore Mode in your boot options, and use it for the above, or, if it does not work, use Safe Mode with Networking.

Edited by Aaflac, 09 June 2012 - 11:26 PM.

Old duck...


#4 HELP?!?!

HELP?!?!
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 11 June 2012 - 01:56 PM

Hello,

Thank you for your reply! Really, thank you so much!! However, a friend came over and did the following to my computer:
1. Ran my anti-virus software (Avast)
2. Did a thorough scan of my computer
3. Avast found 22 viruses
4. Put all 22 viruses in the "chest" (isolation software of Avast)

What do you know, my computer is right as rain! However, I'm still a little bit weary and I'm a little nervous about whether EVERYTHING about that nasty virus is gone. Can you please give me some advice on how to make sure that EVERYTHING is Back to normal on my computer?

#5 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:USA
  • Local time:01:16 AM

Posted 11 June 2012 - 06:14 PM

What do you know, my computer is right as rain! However, I'm still a little bit weary and I'm a little nervous about whether EVERYTHING about that nasty virus is gone. Can you please give me some advice on how to make sure that EVERYTHING is Back to normal on my computer?


Sure!

However, in order to provide you with a reasonable assurance that all is well, information is needed!

The Operating System that you are running is good to know. Posted Image
Also, if you provide the report requested above, that is a good start.

In addition, please do the following:
Download DDS
Save to the Desktop

XP: Double-click the downloaded file to run the program
Vista/Windows 7: Right-click DDS and select 'Run as Administrator'

When done, DDS opens two logs:
-DDS.txt (Opens on the Desktop)
-Attach.txt (Minimized on the TaskBar)

Please post both reports (do not attach) in your reply.

Old duck...





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users