Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI moneypac & restart every 60 secs even in safe mode


  • Please log in to reply
24 replies to this topic

#1 SupremeDiva

SupremeDiva

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 02:33 AM

Hello! I hope someone can help me. I've viewed all of the other posts but I don't see where anyone else is having the same problem. Any assistance will be greatly appreciated!

I an using a Dell Inspiron laptop with 32 bit Windows Vista Home Premium

Today I started getting weird pop ups and my google was redirected on firefox and chrome. Then my firefox got stuck. I couldn't close it with the red x or right click from the task bar. I tried to control alt delete to access task manager. It would pop up and immediately disappear.

I attempted to restart by control alt delete and got a pop up that said:

"Windows has encountered a critical problem and will restart automatically in one minute. Please save your worth now."

I allowed my computer to restart. When it restarted, the FBI Moneypac screen came up. Scared me to death! I restarted in safe mode and the FBI screen didn't come up, but I got the"critical problem" message again.

I searched around on the internet for solutions on my cell phone and found I should disable my internet which I did, but I keep getting the"critical problem" message". The computer won't stay on long enough for me to download a fix or do anything before it restarts! I am sending this message from my cell phone. I also tried the safe mode with networking to no avail.

Any help would be greatly appreciated! Thanks in advance!

BC AdBot (Login to Remove)

 


#2 MousePad

MousePad

  • Banned
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 07 October 2012 - 02:41 AM

Hello sorry to hear you are infected. Please do these steps.
:step1: Go to this forum: MalwareRemoval Forum.
:step2: At the top it shall say what logs and what programs are needed
:step3: Then please start a new topic there with all the things needed.
:step4: Provide the experts with information of whats going on. They will take care of you. Not a 100% guarantee :/
Thank you.

~MovingTheMouse~

Edited by MousePad, 07 October 2012 - 02:43 AM.


#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:56 PM

Posted 07 October 2012 - 03:12 AM

Hi SupremeDiva,

Please restart your computer in Safe Mode Command Prompt. Does the critical error message still occur there?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 01:54 PM

Yes! So I am unable to complete the tasks the the previous person told me to. I can't download anything to create logs or do anything before the system restarts. I called Microsoft. They said I have several different viruses: FBI Moneypac, sirefef, etc. and tried to charge me $100 which I don't have.

If I restore to factory settings will that work? I bought this thing at Best Buy three years ago and it didn't come with any kind of discs... Is there anything you guys can think of?

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:56 PM

Posted 07 October 2012 - 01:59 PM

Please disregard the other post, just let me know if you can work in Safe Mode. :)

These infections (I suspect besides the screenlocker Sirefef is indeed present also) can be cleaned I just need to know what possibilities you have when booting.

If safe mode command prompt doesn't work we will simply use a bootable disk or usb drive to replace the file that is causing the crashes.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 02:26 PM

No, I cant do anything in any of the safe modes. I checked all three and I get the "critical problem" message and the system restarts.

Also my notifications aren't working on this site. I set then up like the instructions told me to, but I'm not getting emails. And yes, in checking spam folder. :)

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:56 PM

Posted 07 October 2012 - 02:29 PM

Notifications can be sometimes buggy unfortunately. You can alternatively click on the drop down menu next to your profile picture in the top/right corner and select My Content, that will show all topics you participate in, sorted on newest replies.

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh to your USB drive
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh -f
  • Press Enter
  • Type services.exe and press enter.
  • After it has finished a report will be located on your USB drive named filefind.txt
  • Remove the USB drive and insert it back in your working computer and navigate to filefind.txt

    Please note - all text entries are case sensitive
Copy and paste the filefind.txt for my review

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 02:33 PM

Can this be done on my cell phone? That if how I'm communicating with you...

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:56 PM

Posted 07 October 2012 - 02:45 PM

No, you'll need a computer that has the capability to burn a CD (we can do the same for an USB drive). Alternatively if you have your Vista disk or any other bootable disk this is fine too.

If none of that is an option, do the following, start your computer, tap F8 until the Advanced Boot Options menu comes up and select Repair Windows, if that is present there. Let me know if this successfully loads the Recovery Environment.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 02:53 PM

Okay and thank you so much Elise! I am in System Recovery Options

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:56 PM

Posted 07 October 2012 - 02:57 PM

Okay, please click on STartup Repair (after you select keyboard layout and enter your password if asked). With a bit of luck Startup repair should fix the services.exe file (the one that is patched) and remove the moneypak screenlocker in the process. :)

Startup Repair will run for a bit, then tell you to restart. After restarting let me know what the state of the machine is.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 02:58 PM

Okay. Should I start in Normal mode?

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:56 PM

Posted 07 October 2012 - 03:00 PM

Yes, after finishing the startup repair try normal mode first. If it doesn't work, try all safe modes.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 03:00 PM

It says: Startup Repair could not detect a problem

#15 SupremeDiva

SupremeDiva
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Close to the Edge...
  • Local time:10:56 AM

Posted 07 October 2012 - 03:15 PM

Still getting the message in all safe modes




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users