Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


computer locking virus

  • Please log in to reply
3 replies to this topic

#1 mockjt


  • Members
  • 1 posts

Posted 05 September 2013 - 12:53 PM

I've gotten a full screen pop up on my PC twice now. Its called Mandiant U.S.A Cyber Security. On initial boot up, everything is fine. I log in as usual and before my desktop comes up the screen goes white and this fake full screen page comes up on my PC. Its saying something like the FBI have seized my computer for possession of banned pornography. There is a timer of 48 hours to pay them $300 or all info on my PC will be taken. The first time it happened I managed to get the ddesktop up and run Malware Bytes. It came up with 9 Trojans and eliminated them. The PC worked smooth with no viruses for two weeks. It is now back and I can not get to the desktop at all. I logged into a guest user and now running scans. I run Malware Bytes and SuperAntiSpyware. Are there any stronger thing out there that can hunt down the bug still hidden inside? Please help me

Edited by Orange Blossom, 05 September 2013 - 01:01 PM.
Mpved tp AII from Windows 7. ~ OB

BC AdBot (Login to Remove)


#2 wing987


  • Members
  • 177 posts
  • Gender:Male
  • Location:Payette, ID
  • Local time:11:37 PM

Posted 05 September 2013 - 01:15 PM

you should look at this:



-- Windows 7 Ultimate on custom built system, Windows 10 on under powered laptop. Sophos UTM 9, Ubuntu Server and Windows Server 2008 R2. HyperV Virtualization --


"The hottest places in hell are reserved for those who in a period of moral crisis maintain their neutrality," John F. Kennedy

#3 AnthonyBugg


  • Members
  • 6 posts
  • Gender:Male
  • Location:United States
  • Local time:01:37 AM

Posted 05 September 2013 - 01:23 PM

Boot into safe mode without networking. Get a usb and put these programs on it then run them on safe mode.






Next open cmd and type in the following: 

assoc .txt=.txt
assoc .exe=.exe
assoc .jpeg=.jpeg
assoc .png=.png
assoc .mpeg=.mpeg
Then save that code as a .bat and run it. That should make all the extensions change back to default just in case the virus changed some and i hope this helps.                     

#4 computerrepair94


  • Members
  • 41 posts
  • Gender:Male
  • Location:Blackpool, UK
  • Local time:05:37 AM

Posted 05 September 2013 - 04:43 PM

Its ransom-ware.

Step 1 - Boot in the safe mode with CMD, hit F8 repeatedly when you turned on the computer.

Step 2 - Type in explorer and that will open up the desktop. 

step 3 - Go to your computer once clicked. Go to top left and click *Organize* and go to *folder and search options* and make sure *show hidden files, folders and drives* is ticked, *That is under Hidden files and folders*

Step 4 -  go to users, then go to eg- (your name), then in that go to appdata, then roaming.

Step 5 - Delete "cache.dat" and "cache.ini"

Step 6 - Reboot the computer into your normal version of windows.

Step 7 - Download and install Malwarebytes - http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html and Hitman pro http://www.surfright.nl/en



Your Computer should be fixed, any problems, just message me.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users