+- Discovery Gaming Community (https://discoverygc.com/forums)
+-- Forum: The Community (https://discoverygc.com/forums/forumdisplay.php?fid=4)
+--- Forum: Real Life Discussion (https://discoverygc.com/forums/forumdisplay.php?fid=16)
+---- Forum: Software & Hardware (https://discoverygc.com/forums/forumdisplay.php?fid=17)
+---- Thread: I got a strange virus, need help (/showthread.php?tid=93311)
I got a strange virus, need help - ryoken - 01-30-2013
Ok here go's. Was serfing net, looking for a movie, and poof. I get this white screen saying my comp is locked pending investigation for down loading copy right material, ilegal software and so on. Pay $100.00 and comp will be unlocked in 72 hours pending investigation.
Now everytime i turn on comp, and go to administration account i get this white screen. I try safe mode, and comp reboots to normal mode. I cannot access nothing on Admin account.
Now i log into other user account(where i am now) and starts fine, so i know this is not real, but some type of virus/scam.
Anyone ever hear of this? Or should i just wipe drive, and re-install everything all over again, which i really do not want to do.
RE: I got a strange virus, need help - sindroms - 01-30-2013
Yeah, there was a warning about those here in Latvia lately. Let me try and find the link, it showed how to remove it.
RE: I got a strange virus, need help - Huhuh - 01-30-2013
I'd backup as much data as I could and re-format. Other than that, you could take it to a tech, but I'm guessing he'd do what I suggested, but for a fee (unless of course he/she can remove the malware).
RE: I got a strange virus, need help - ryoken - 01-30-2013
(01-30-2013, 08:23 AM)Crackpunch Wrote: I'd backup as much data as I could and re-format. Other than that, you could take it to a tech, but I'm guessing he'd do what I suggested, but for a fee (unless of course he/she can remove the malware).
I would, but cannot back up 600 gigs of movies/music/games and so on. I cannot even get on WoTs now as user account does not have permission from admin account lol.
I find it interesting i cannot even get in with Safe Mode. But second i do comp shuts down, and re-boots normally. So it has to be in config somewhere. Problem is i cannot do anything on the admin account, not even open task manager. It fills entire screen so you cannot click any thing, and right click does nothing.
RE: I got a strange virus, need help - sindroms - 01-30-2013
http://malwaretips.com/blogs/your-computer-has-been-locked-virus/
RE: I got a strange virus, need help - Daron - 01-30-2013
Get an offline virus scanner which are called rescue disk:
http://www.avg.com/eu-en/avg-rescue-cd-download
http://www.avira.com/en/download?product=avira-antivir-rescue-system
http://downloads.netmediaeurope.de/4057/kaspersky-rescue-disk-10/
And it's always a good idea to have a hardcopy of any live Linux CD - most useful is Parted Magic:
http://partedmagic.com/doku.php?id=downloads#.UQjOEGcrzKQ
RE: I got a strange virus, need help - SMGSterlin - 01-30-2013
I had this same kind of virus a while back.
FBI Moneypak Virus, said the FBI locked my computer, "you have to pay this $300 fine to unlock your computer, you have to pay with MoneyPak" blah blah... I think I fixed it by starting up Safe Mode with Networking, and using Malwarebytes to remove it, but this doesn't seem to be an option in your case.
http://botcrawl.com/how-to-remove-the-fbi-moneypak-ransomware-virus-fake-fbi-malware-removal/
Try this, see if anything there helps.
RE: I got a strange virus, need help - ryoken - 01-30-2013
Well i tried a system restore under my second user to a couple weeks ago, and was able to get into comp now.
So new question. It seems to be gone, so should i worry about hunting it down to see if it is somehow still lingering?
This was what i had.
http://guides.yoosecurity.com/locked-by-police-cybercrime-investigation-department-virus-malware-scam-ransomware/
Also how to get cmd propt in windows 7 to do a regedit?
RE: I got a strange virus, need help - sindroms - 01-30-2013
Windows button + R
Type in REGEDIT
RE: I got a strange virus, need help - SMGSterlin - 01-30-2013
(01-30-2013, 09:14 AM)ryoken Wrote: Well i tried a system restore under my second user to a couple weeks ago, and was able to get into comp now.
So new question. It seems to be gone, so should i worry about hunting it down to see if it is somehow still lingering?
This was what i had.
http://guides.yoosecurity.com/locked-by-police-cybercrime-investigation-department-virus-malware-scam-ransomware/
Also how to get cmd propt in windows 7 to do a regedit?
Ah... THAT'S how I fixed it, I remember now. I initially tried to use Safe Mode and Malwarebytes, but that failed. Then I did a system restore to an earlier point and it solved it.
This was like 3-4 months ago I would say, maybe longer, and I never did any follow up removal, and I haven't seen any sign of the virus yet. So I would say you are most likely safe from the virus restarting itself, but I would do a thorough virus scan if I were you.
EDIT: I find it funny how your virus says pornography is illegal and can get you imprisoned for 2 years. xD