Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI money pak Virus


  • Please log in to reply
9 replies to this topic

#1 Jamiern

Jamiern

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 08 October 2012 - 01:00 PM

Virus showed up on 10/6/12. I am running windows 7 ultimate with mcafee. Have attempted to remove with malwarebytes x 2 (saturday and this morning) but keeps popping back up. Was able to boot into safe mode with networking earlier today but now just comes up black screen with
" safe mode" in all 4 corners. Also unable to boot into command prompt as it will not type. Tried to "repair" per one of the similar threads but cant remember password for admin (don't think I ever made one???) and it won't allow me to go any further
Please help

Jamie

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:56 AM

Posted 08 October 2012 - 01:10 PM

Do you have any other user account that doesnt have the ransomware pop up?

#3 Jamiern

Jamiern
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 08 October 2012 - 01:29 PM

Not that i know of on that computer...but if you tell me what to do to check for sure i will. I am somewhat computer illiterate.
Im working off my iPad right now and also have a work laptop if needed.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:56 AM

Posted 08 October 2012 - 01:36 PM

safe mode" in all 4 corners. Also unable to boot into command prompt as it will not type.


Are you referring to safemode with command prompt?

Restart the PC and press F8 on bootup and select SAFEMODE WITH COMMAND PROMPT.Let me know if you can see the command prompt screen

#5 Jamiern

Jamiern
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 08 October 2012 - 02:15 PM

I have actually tried both...

This morning I was able to boot up in "safe w/networking" and get to my desktop screen. Later, when I attempted "safe mode with networking" it will only boot to a black screen that has "safe mode" in white letters in all four corners of screen and "Microsoft version 7600" at top of screen.

I have just booted up to command prompt and it will now allow me to type into prompt (it would not before) but I still have the black screen with safe mode in all four corners behind it.

What should I type in?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:56 AM

Posted 08 October 2012 - 02:25 PM

In the command prompt type these commands and press <ENTER> for each

cd \windows\system32
rstrui.exe

System restore box should come up,select a previous restore point and restore.

Let me know if you can boot into either safemode or normal mode now.

Edited by narenxp, 08 October 2012 - 02:26 PM.


#7 Jamiern

Jamiern
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 08 October 2012 - 02:46 PM

It comes up but says "no restore points have been created" and when I go into "system protection" to create one as directed on the screen it does not give me an option to create one

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:56 AM

Posted 08 October 2012 - 07:12 PM

I have asked one of the malware response team members to assist you.

good luck

#9 Jamiern

Jamiern
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 10 October 2012 - 11:23 AM

Thank you.

#10 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:56 AM

Posted 15 October 2012 - 10:15 AM

Hello Jamiern :)

  • I apologize for the delay.
  • I will be helping with your computer problems.
  • From this point on, it is very important that you refrain from doing anything else to your computer other than what I have requested of you.
  • I do not mind if you browse the web, do basic tasks, or even test to see if the problem(s) you are experiencing are still occurring with the computer while we are working together, but do not run any tools/fixes unless I or another helper from this thread has asked you to do so.
  • Remember that you came here for help, so allow us to help you :)
  • If something does not run, make a detailed note of what problems you encountered along the way (exact error messages are preferred), but continue onto the next steps until you reach the end of my post.
  • Always do the steps they are listed in (left to right, top to bottom).
  • I prefer that you complete all the steps while you are in Normal Mode. However, I understand that sometimes this is not possible. If you are unsuccessful in getting a tool/fix to run from Normal Mode, but Safe Mode works, then use Safe Mode.
  • If you have a question about something, do not hesitate to ask.

Posted Image Please download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please post the contents of this log into your next message.

Edited by Orange Blossom, 15 October 2012 - 10:27 AM.
Moved to log forum. ~ OB





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users