Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected Desktop


  • Please log in to reply
3 replies to this topic

#1 colbyc

colbyc

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 09 April 2013 - 03:01 AM

Mod Edit:  Split from http://www.bleepingcomputer.com/forums/t/490815/need-assistance-with-green-dot-moneypak-virus-win-xp-sp3/#entry3022599 - Hamluis.

 

I apologize for posting in the wrong section; however, I am new to the forums and did not see an option to start new thread. I am sure this will be moved to the appropriate location. I have a desktop computer that uses Windows XP. I also have a laptop and a 256 MB flash-drive that I am using to repair the infected computer. The desktop became infected with the FBI Moneypak virus. At first, I could log on and open task manager or whatever I desired, but it was very slow and I was unable to delete things or end tasks. Soon after Windows started, it would bring up the FBI scam page. It brought up a black background page with a webcam box and an audio prompt saying the computer is locked and that I need to pay $300. I kept restarting and tried to find something that would fix it before Windows started. I went to BIOS and Boot Menu and Recovery. I do not have a recovery disc, so the recovery option would not work. I tried employing Fail-safe defaults under BIOS. I also tried enabling "Reset Configuration Data -> Extended System Configuration Data." The computer would not allow me to start in Safe Mode, Safe Mode with Command Prompt, Safe Mode with Networking, Restore to Last Working Configuration, or even Start Windows Normally. I found a suggestion on these forums saying to install HitmanPro (64 bit). I followed the video's instructions to convert my Flash-drive into a HitmanPro flash-drive. I inserted it into the infected computer. The light on the flash-drive flickered green, at first, then turned off. Finally, I got the light to remain green. This should indicate that the computer recognizes the device. I changed the priority boot to external (flash-drive) and tried to boot using the flash-drive (external). The device was not listed, but when the computer starts up it runs something and I see the name of the USB Storage Device: Scandisk... It is too fast for me to read the whole thing. Anyway, it is not giving me the option to boot with this or run the program to scan it (HitmanPro), yet it recognizes the device because it says the name of it. It keeps attempting to boot normally (or safe mode, I'm not sure). It then returns to the boot menu (actually, I think it is not called the boot menu but it is a menu that gives me the options to boot using safe mode, safe mode with networkingm safe mode with command prompt, last known good config., & normal). What do I do now?


Edited by hamluis, 09 April 2013 - 09:02 AM.
PM sent new OP - Hamluis.


BC AdBot (Login to Remove)

 


#2 colbyc

colbyc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 09 April 2013 - 09:10 AM

The ethernet cable has been unplugged and the computer is disconnected from the internet. I also tried to put Kapersky WindowsUnlocker onto a CD so that I may be able to boot from CD since booting from USB Flash-drive was not working. It said Windows was unable to complete a format of the disc.



#3 colbyc

colbyc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 09 April 2013 - 09:13 AM

Burn of Kapersky img file to disc using Nero failed at 24x (speed).



#4 Jimbob85

Jimbob85

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA, USA
  • Local time:02:09 AM

Posted 09 April 2013 - 10:25 AM

Hi, welcome to BC!

 

If you have not been able to burn the Kaspersky Rescue disk you may want to try:

 

You may want to go to http://www.bleepingcomputer.com/virus-removal/ and see if you can find your particular malware.  Make sure that you look carefully at the screen shots and pick the correct one as they are similar but not the same.

 

Let me know if this helps.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users