I think I've been hacked

Signed-In Members Don't See This Ad
navycop

navycop

Member
Joined
Nov 4, 2010
Messages
2,333
Location
Virginia Beach, VA 23454
I have two desktop computers (this one and one upstairs). The upstairs one has somekind of message saying my computer is locked. I have to pay $50. to some company called "Bitinstant" for music that they say I pirated...It also says to log in to "Walmart" and pay the money there.. On the top of the page is "Celas".. The message includes my IP address and host numbers..
As anyone else encountered this? And how (if at all) can I change my IP address.. My big question is: Why isn't this one affected also..Thank you..
 
Signed-In Members Don't See This Ad
Boot into safe mode, run a malwarebytes scan
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
You might need to download it on a clean computer that has access to the internet (put the download on a thumbdrive to install on the infected computer)

Next get you some good anti-virus software. I like Avast. It works. avast! Free Antivirus | Download Antivirus Protection Software

I would also get ccleaner to clean up all your temp and internet history files.
CCleaner - PC Optimization and Cleaning - Free Download

All of these have a free version and I use them all.

https://www.bitinstant.com/ is a wireless transfer company (like western union)

CELAS HOME PAGE is a music online store.
They have this on their webpage.

Latest Press Releases



Statement on computer locking scam - 12th April 2012



CELAS has been alerted to the fact that some internet users have had their computers blocked after watching videos online with a message from ourselves saying they would need to pay £50 to have their computer unlocked.

This is an internet virus or scam and has nothing to do with CELAS or the police. We are currently investigating this issue.
We advise internet users to:

Not make any payment to have your computer unlocked
Update their anti-virus and firewall software
Alert their internet service provider if this problem persists
CELAS does not charge users to watch music videos online and never has. If you would like to report an online scam or virus please visit: Report it | Action Fraud.
 
Avast is good i think its free version is actually rated better then norton and mcafee pay versions
 
Akula said:
Boot into safe mode, run a malwarebytes scan
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
You might need to download it on a clean computer that has access to the internet (put the download on a thumbdrive to install on the infected computer)

Next get you some good anti-virus software. I like Avast. It works. avast! Free Antivirus | Download Antivirus Protection Software

I would also get ccleaner to clean up all your temp and internet history files.
CCleaner - PC Optimization and Cleaning - Free Download

All of these have a free version and I use them all.

I have used these for years with good success :smile:
Click to expand...
 
You may have to get to a point where you can run any of the above programs. Once infected, some of these malware programs will not let you launch any of the above programs. The registry is corrupted and small applications are left on your computer. So, restore your computer to a previous version by using these instructions: http://kb.iu.edu/data/ajuv.html and then run the malware removal program.
 
combofix.org is a good program also I use it before I qould use malwarebytes, faster and runs itself.
Just follow the instructions and run it in safe mode for best results
 
The first thing that I would do is boot into safe mode and then do a system restore to a time prior to the problem. Then I would run the updated virus and malware scans.
 
Thanks guys. I tried installing the anti virus stuff off a thumbdrive..The computer won't let me do anything.. My user icon comes up. When I click on it the page that i mentioned in my original post comes up. I cant even get to the start menu or anything...Is there an "F" key i can hit while it is booting up?
 
you need to boot into safe mode and different ways to get into safe mode

best to give as much info as you can when seeking help
Operating system
Computer brand
what anti-virus you have installed
what you have done to correct any error
copy and past any error messages so we know exactly what we are dealing with

XP is usually F8 when the computer is booting up (keep tapping F8 while the black screen is still on, if you get any windows screens, start over)

Once in safe mode, then start your install, one at a time. Do not install any new anti-virus until you remove your old protection...they do not work well together (do not mix Avast with Nortons ect) Start with Malwarebytes (it's not anti-virus and works well with all programs).


FWIW, I like Norton and McAfee...not because they are any good...but because they paid the bills when I had to go fix all the problems LOL
 
Go into "Safe Mode" by turning the computer off and turn it back on. Start pressing the F8 key. A menu will come up, use the one safe mode with networking.
 
I still recommend that once you are in safe mode, the first thing to do is a system restore to a restore point prior to the problem. Then, update or replace your anti-virus/malware protection and run a scan. It is very likely that this will completely solve your problem relatively painlessly.
 
Thanks everyone for your help. I went to system restore and picked a date last week. I seems to be running fine now..Oh I did do malware and various scans on it also.
 
These Script kiddies most likely from Nigeria or China, and are writing some pretty nasty PHP code, they got into my webhost and really did a number on my site, but it was all wierd stuff, pirated software for sale and strange stuff, I reported it to my Host they played dumb but I found out that when my tool site was down it was because they had been hit hard, and while they were covering their butts with that mess these punks went into several of their other servers and gained access to several thousand accounts that were still active, one was my Leapwood Pens site.
Isn't modern technology wonderful, or is it just a seriously ignorant element of society.
 
bitshird said:
These Script kiddies most likely from Nigeria or China, and are writing some pretty nasty PHP code, they got into my webhost and really did a number on my site, but it was all wierd stuff, pirated software for sale and strange stuff, I reported it to my Host they played dumb but I found out that when my tool site was down it was because they had been hit hard, and while they were covering their butts with that mess these punks went into several of their other servers and gained access to several thousand accounts that were still active, one was my Leapwood Pens site.
Isn't modern technology wonderful, or is it just a seriously ignorant element of society.
Click to expand...

Time to find a new web host/ISP
 
You must log in or register to reply here.
Back
Top Bottom