Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! FBI Department of Justice Virus Took over my computer...


  • Please log in to reply
14 replies to this topic

#1 lostoam311

lostoam311

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 29 May 2013 - 07:05 PM

Running Windows 7 on a Gateway N214 laptop (did not come with any start up disc)

haven't downloaded anything lately except Adobe updates which now I think have been 'bogus'...

Turned on my computer 3 days ago and a snapshot of me was in the corner saying I downloaded something illegal and owed the government $450 or I'd go to jail...

I called department of justice and they said it was a virus...

I restarted my machine and pressed F8 and F12 and got the DOS prompt to Repair computer, so I tried to Restore to a previous date, but that didn't work (there was only one date)...

Then I tried to restore my computer to factory settings, but now it won't come up with anything... I can't get past "Windows could not complete the installation, please restart windows to complete the installation" so I press 'OK' and it restarts and comes to the same error message... I can't get past this... someone Help Me Please!!! I don't care if I lose everything at this point, I just need my computer back up and running... I've been using Microsoft Security Essentials as my virus program, but evidently that doesn't work... 

Thanks for any help you have to offer...

 

 

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal



BC AdBot (Login to Remove)

 


#2 Nobyl

Nobyl

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 29 May 2013 - 07:12 PM

Hello,  i will assist you with your problem.

                               Reboot your computer then tap F8 until you get a screen a advanced option screen use the arrow keys to navigate to Safe mode with networking. After your windows has booted up Install Hijack this then post your findings on a reply and i will assist you further.



#3 lostoam311

lostoam311
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 29 May 2013 - 07:22 PM

just tried that...  Safe mode with Networking...  sits there for a minute, then restarts and comes to same prompt saying 'Setup is Starting Services'...  windows could not complete installation, yada yada yada...   :lmao:    

I click on 'safe mode with networking' and also 'safe mode with command prompt' and the same installation error message comes up... I also tried "last known good application start up" or something like that and it still goes to the same error screen... windows could not complete installation... uggghhhh... I appreciate you helping with this! any other ideas??!

Edited by bloopie, 01 June 2013 - 08:47 AM.


#4 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,232 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:02:07 PM

Posted 29 May 2013 - 10:46 PM

Best to post this in the malware forum lostoam311... there's guys down there who deal with this locked version every day.

 

Editing your registry without knowledge or experience is very dangerous... you can make your machine unbootable.



#5 vulcain

vulcain

  • Members
  • 165 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France
  • Local time:05:07 AM

Posted 30 May 2013 - 10:05 AM

Hello,
Even in this virus works without failure mode, start in Command Mode <invite In Safe Mode echec>
Normally, there is the command rstrui.exe Who launches restoration, sorry BUT I Can not do more.
BUT RogueKiller should then delete it.
XP in video for Who Should Remain Valid casting Vista, Seven: by running System Restore from the menus to "repair my computer".

Ask your confirmation experts forum disinfection.

 

 

"https://www.youtube.com/embed/bpp2x88ys7E?feature=player_embedded"

 

 

The translation from French to English with google, I hope this is understandable.
Sincerely,

Edited by vulcain, 30 May 2013 - 11:18 AM.


#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:07 AM

Posted 30 May 2013 - 12:21 PM

As your system is unbootable, I will report this topic to the helpers who specialize in unbootable machines.

 

Another member should be with you before too long.

 

Stay tuned!

 

bloopie


Edited by bloopie, 30 May 2013 - 12:22 PM.


#7 lostoam311

lostoam311
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 30 May 2013 - 01:20 PM

ok thank you!  I have TWO of the same Gateway N214 laptops...  I did find some Recovery Discs for the working machine that I made after I bought it...  Just tried putting those in the machine, but not sure how to 'boot from disc'...  would those even work for another computer??!  They are both the same exact laptops bought at the exact same time...  I just made recovery discs for the working one and never got around to making them for the one that has the virus on it now...  

Thanks for the help!


Edited by Orange Blossom, 30 May 2013 - 03:28 PM.
Moved to log forum. ~ OB


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,583 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:07 AM

Posted 30 May 2013 - 03:18 PM

Hi and welcome.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.

  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
  • Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html



    To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt

    Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 lostoam311

lostoam311
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 30 May 2013 - 04:17 PM

I cannot get past Setup is Starting Services...  Control Alt Delete does not work and when I hold down the Power button, it turns off...  Then I push Power again, continuously push F8 over and over again...  nothing happens...  it just says "Resuming Windows"...  Then it says Setup is Starting Services again...  I take the disc out, repeat the steps, and it does the same thing...  How do I get past this screen??!  

Thank you for your help!



#10 lostoam311

lostoam311
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 30 May 2013 - 09:43 PM

I don't care about any information on it at this point...  I just need a Working Computer!  any information I had on this laptop can be replaced...  So can someone help me to simply format this to when I bought it...  That would be a major help!  Thank you



#11 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:11:07 PM

Posted 30 May 2013 - 10:05 PM

Try the following which is from
http://gateway-us.custhelp.com/app/answers/detail/a_id/2631

  • Restart the computer.
  • When the Acer logo appears on the screen, press the left Alt, and the F10 keys.
  • If you are prompted with a Microsoft Windows boot screen, press the Enter key.
  • After the Acer eRecovery Management application has loaded, select your restore type.
  • Read the notice, and then click Next when you are ready.
  • Click Next to begin the restore process. The restore can take anywhere from 10 minutes up to an hour.
  • Once the restore is complete your computer will load Windows and start installing your drivers and software. Your computer may reboot several times during this process. After everything is complete your computer will be like it was when you first purchased it.

 

If that doesn't work

 

read this. There is a link here which will take you to a page detailing how to enable the boot menu.

http://gateway-us.custhelp.com/app/answers/detail/a_id/29935



#12 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,583 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:07 AM

Posted 30 May 2013 - 10:09 PM

Thanks, Queen-Evie.

 

Was about to post the same thing.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#13 lostoam311

lostoam311
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 30 May 2013 - 10:23 PM

Okay, Alt F10 got me off of that annoying Setup Services Screen...  working through the options now...  I'll let ya know if it works...  crossing fingers!



#14 lostoam311

lostoam311
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 31 May 2013 - 12:30 AM

losing interest in all this...  sorry, don't know how you guys do it...  it's just frustrating how someone can disrupt my life and make me erase and reload everything I've done for the past year...  

Found Alt F10 at boot up to reboot and format computer...  Looks like it's working so far...  been loading programs and starting up for past hour, so hope this works...  

 

if this does work, I will let ya know!  again, crossing my fingers...

 

What FREE virus program can I download to help my computer be protected from this point on??!  I've been using Microsoft Security Essentials, but evidently that didn't do the trick...  Is there a better program to run on my laptop after I get it reloaded?!!

 

been at this for a few hours now, so think I'm gonna call it a night...  again, thanks for everyone's help and I'll let ya know if this formatting works...



#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,583 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:07 AM

Posted 31 May 2013 - 02:02 PM

There are no protection against new variants, until discovered. The only way you can avoid being infected is observing good practices while online. Stay away from Peer to Peer networks.

I would recommend AVAST as an antivirus and Malwarebytes Antimalware as such.

 

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article    by Miekiemoes.

Best wishes! icon_hello.gif
 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users