I hate computer viruses - Miata Turbo Forum - Boost cars, acquire cats.

Welcome to Miataturbo.net   Members
 


Insert BS here A place to discuss anything you want

Reply
 
 
 
LinkBack Thread Tools Search this Thread
Old 07-26-2013, 04:10 PM   #1
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default I hate computer viruses

I was just on my pc, I was giving another member some feedback for stuff I bought, and YouTube was open in the other window.
All of a sudden this big homeland security window pops up telling me to pay a $300 fine which can be done using money pack.
It's called the FBI money pack virus:
How to remove FBI viruses - Fake FBI malware removal (FBI ransomware) | Malware Removal - Software & Tutorials
Anybody else get this awesomely fun pain in the ***? What did you do to remove it?
thirdgen is offline   Reply With Quote
Old 07-26-2013, 04:16 PM   #2
I'm a terrible person
iTrader: (19)
 
FRT_Fun's Avatar
 
Join Date: Apr 2009
Location: Arizona
Posts: 7,293
Total Cats: 180
Default

People still get viruses?
FRT_Fun is offline   Reply With Quote
Old 07-26-2013, 04:22 PM   #3
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

I'm thinking of doing a system restore and going back 1 day, I never did that though...
thirdgen is offline   Reply With Quote
Old 07-26-2013, 04:24 PM   #4
Elite Member
iTrader: (2)
 
triple88a's Avatar
 
Join Date: Apr 2006
Location: Chicago, IL
Posts: 9,131
Total Cats: 598
Default

Unless you care about your **** sites browsing history for the 1 day theres no big deal to it. That is option 1, option 2 is complete reinstall.
triple88a is offline   Reply With Quote
Old 07-26-2013, 04:27 PM   #5
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

It's turned off, I don't have time to mess with it until later.
I think it's about time I install malware bytes.
thirdgen is offline   Reply With Quote
Old 07-26-2013, 05:04 PM   #6
Elite Member
iTrader: (1)
 
NA6C-Guy's Avatar
 
Join Date: Feb 2008
Location: Birmingham Alabama
Posts: 8,038
Total Cats: 43
Default

Not exactly sure how, but I haven't gotten a virus in years. I've taken certain steps, disabled certain applications in windows, and tweaked security settings, and it's seemed to work so far. I don't even use Update for the latest security ****. I've made my Windows 7 as simple, and old school as possible. Only modern feature I have is Aero. Then of course I avoid at all costs, shady looking websites that just have that virus smell to them. I'm sure most of us here have that keen eye to see that bullshit a mile away.

Malwarebytes does a good job, so long as the virus hasn't set roots too deep. Any issue I have had with malware in the last 5 or 6 years, has been solved with that program. I still do a routine hdd wipe and reinstall every 2 years or so, just to clean up the mess I make of my system. Also, if you know at all what a clean windows system folder looks like, you can possibly go in and look for files manually, which I've done from time to time.
NA6C-Guy is offline   Reply With Quote
Old 07-26-2013, 05:58 PM   #7
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

My pc is old...It's running windows xp.
thirdgen is offline   Reply With Quote
Old 07-26-2013, 06:00 PM   #8
Elite Member
iTrader: (21)
 
Join Date: Jun 2007
Location: Rochester, NY
Posts: 5,685
Total Cats: 558
Default

Microsoft Security Essentials is free and it works.

I've seen the "virus" you mention, and it's nothing more than a hack. Close your browser through task manager and clear the history.
rleete is online now   Reply With Quote
Old 07-26-2013, 06:27 PM   #9
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

I have security essentials on already...didn't even detect it.
If I power down my pc and restart it, my desktop screen comes up, then all the icons disappear, as does the start menu...then the virus will bring a screen up that reads "the computer is locked". I can move the screen, but cannot minimize it or anything.
thirdgen is offline   Reply With Quote
Old 07-26-2013, 07:01 PM   #10
Junior Member
iTrader: (1)
 
Join Date: Aug 2010
Location: Kansas
Posts: 82
Total Cats: 5
Default

My job is a computer repair tech. I remove this from many pcs a day

You need to boot into safe mode with command prompt. type explorer into the cmd window and hit enter. your desktop will come up. youll also need to have a piece of software called combofix on a flash drive. move that to the desktop and run it. when its done reboot to normal mode. download malwarebytes, update it and run it.

or you can pull the drive from the pc, hook it up as a secondary to another pc and scan it with something thats not a wanna be antivirus. I recommend kaspersky.

Ive run combofix on hundreds of pcs and never once had it give me problems or destroy an os. some people say it will screw up your machine, so be aware of that but I wouldnt be too worried.

Good luck man!
92dx is offline   Reply With Quote
Old 07-26-2013, 09:13 PM   #11
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

Where do I get combofix? I've never heard of it. I was planning on running explorer with the safe mode command prompt...I'm not home, tonight I'll kick it's ***.
thirdgen is offline   Reply With Quote
Old 07-26-2013, 09:30 PM   #12
Elite Member
iTrader: (12)
 
Join Date: Apr 2008
Location: Longs, SC
Posts: 2,583
Total Cats: 13
Default

Quote:
Originally Posted by FRT_Fun View Post
People still get viruses?
+1
icantthink4155 is offline   Reply With Quote
Old 07-26-2013, 11:30 PM   #13
Newb
iTrader: (1)
 
Join Date: Jun 2010
Posts: 38
Total Cats: 1
Default

Quote:
Originally Posted by thirdgen View Post
Where do I get combofix? I've never heard of it. I was planning on running explorer with the safe mode command prompt...I'm not home, tonight I'll kick it's ***.
get it from here

ComboFix Download
Boosted Escort is offline   Reply With Quote
Old 07-27-2013, 01:13 AM   #14
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

It won't let me start in safe mode w/ command prompt, or safe mode with networking. If I select either one it tells me "scan for viruses" and a pile of other crap on a blue screen.
Now what? I'm thinking this might end up as a hard drive pull, and scan it as a secondary hard drive to get rid of this ****. Unless you guys have other tricks in mind?
thirdgen is offline   Reply With Quote
Old 07-27-2013, 01:21 AM   #15
Junior Member
iTrader: (1)
 
Join Date: Sep 2008
Location: SA,TX
Posts: 248
Total Cats: 8
Default

So does take over on boot up of the computer? If so it's easily fixable. I've seen many of these come through work and while the file that runs this has gotten a bit better hidden it's still fairly easy to fix without an os reload.
NastyNate is offline   Reply With Quote
Old 07-27-2013, 01:23 AM   #16
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

If I just turn on the pc, it goes to desktop then the system blocked screen shows up.
If I try to load any kind of safe mode, it'll give me a blue screen saying to remove viruses and a bunch of stuff.
thirdgen is offline   Reply With Quote
Old 07-27-2013, 01:30 AM   #17
Junior Member
iTrader: (1)
 
Join Date: Sep 2008
Location: SA,TX
Posts: 248
Total Cats: 8
Default

look up MRI soldier X. MRI is a geek squad tool that has what you need. The program within it is start up manager. Don't let the name fool you though as you can see every file on the computer. Specifically, you can show what is running when you log-on. In the past you just needed to look for a file name of ctfmon.lnk However, I've seen recently that it is now changed and hiding in app data and by a different name.
Easiest way is to shut everything off under the user logon section of and go from there. I forgot to mention that you do have to boot to the disc and not the os.

let me know and I can take some screen shots to get you pointed in a better direction. Using MRI I can usually kill this in less time than it takes to boot to the disc.
NastyNate is offline   Reply With Quote
Old 07-27-2013, 01:52 AM   #18
Slowest Progress Ever
Thread Starter
iTrader: (26)
 
thirdgen's Avatar
 
Join Date: Oct 2007
Location: The coal ridden hills of Pennsylvania
Posts: 5,806
Total Cats: 183
Default

So how do I get it to boot if it won't even startup in safe mode?
thirdgen is offline   Reply With Quote
Old 07-27-2013, 01:56 AM   #19
Junior Member
iTrader: (1)
 
Join Date: Sep 2008
Location: SA,TX
Posts: 248
Total Cats: 8
Default

Get into the bios and change the boot priority. Depending on your brand it may be different that others. Once you change the boot priority to cd then hdd. it should take care of itself.
NastyNate is offline   Reply With Quote
Old 07-27-2013, 04:00 PM   #20
Junior Member
iTrader: (1)
 
Join Date: Aug 2010
Location: Kansas
Posts: 82
Total Cats: 5
Default

Sounds like your only option left is to pull the drive and scan it on a different machine. There are many different variants of the "fbi virus". Some will copy to your restore points and make removal that much harder. When you get it cleaned up, Get your java and adobe flash player up to date there are tons of java exploits that lead to infections such as this. You can also look into making a kaspersky boot disc that has a their scanning engine and the lastest virus deffinitions from kasperskys site. Boot to that and give it a shot.
92dx is offline   Reply With Quote
 
 
Reply

Related Topics
Thread Thread Starter Forum Replies Last Post
Buzzing from driver side of engine bay? (MS3 install) nick470 MEGAsquirt 7 06-16-2017 02:53 PM
Hey everyone another n00b here Big_gumby Meet and Greet 80 10-05-2015 05:06 PM
Going back to stock. Need some 1.6 parts. Trent WTB 2 10-01-2015 01:15 PM


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -4. The time now is 05:10 PM.