1.
You should print these instructions before continuing. They will not be available after you shut your computer down in step 2.

2.
Click Start and then click Shut Down.

3.
In the drop-down list of the Shut Down Windows dialog box, click Restart, and then click OK.

4.
As your computer restarts but before Windows launches, press F8.
On a computer that is configured for booting to multiple operating systems, you can press F8 when the boot menu appears.

5.
Use the arrow keys to highlight the appropriate safe mode option, and then press ENTER.

6.
If you have a dual-boot or multiple-boot system, choose the installation that you need to access using the arrow keys, and then press ENTER.

Once you have it rebooted in safe mode, you should be able to connect to the internet and find and install Malwarebytes antimalware program. Once installed, run a full scan. I have gotten similar viruses and this has been the only way to correct it.

Granted, nuking your hard drive and reinstalling windows is always the safest bet, but for the future this should help get rid of the virus. I would install Malwarebytes now as a precaution should you get another virus in the future.

The infection Ron has is Reveton Ransomware.
While the above will get you back on the internet, it will not completely remove the infection and all of its components as well as other infections the PC may have due to the vulnerabilities created. This leaves your PC vulnerable to further infection and theft of information.
I highly recommend you seek the help of an IT professional to remove all components of the infection, even if you have to pay for it.
I have cleaned the infection from about 12 PCs in the last month. 3 of the PC owners actually paid the $200, which they will never see again.

antivirus

On Win 7, restart computer, look at bottom of screen, and push F button for setup (Usually F2), type admin password, using right arrow key, move across to Advance, push enter. There will be one or two items disabled. Using arrow keys, highlight each disabled entry, push enter to enable. Or, look at bottom menu, and push the F key to restore default, (F9 on mine)then the F key to save and exit.(F10 on mine) Computer will restart. Do a system restore a few days back, and you will be good to go. Malwarebytes is a very good antivirus, especially the advanced version, well worth the money. And once you have it downloaded and paid for, you can install it on other PCs with the code you will get when you pay for it. No antivirus program I know of will prevent this virus, or one like it that says you have illegal music on your PC (Which can be defeated the same way as described) Hope this works for you, it did for me several times. Have a wonderful day.

I am on Widows XP The virus version I had (Still unidentified) was not isolated in safe mode and if you went to safe mode with networking as soon as you tried to access the internet your screen went to background and no other function except pounding on your disk. I tried the standard windows restore and had no effect on it. I had Symantec go back and it did not remove it. I used information off the web and removed all registry entries identified by Symantec Mccaffrey Microtrends and AVG. Explorer was wiped all networking removed the main user profile and user files wiped and restored from a stand alone copy of known working clean windows it slowed the activation long enough to get to symantec security center and then locked giving the Ransom display. Windows was reinstalled over it from the CD and it remained. Formating wiped it.

If it was only the Identified Reventon just the registry entries I edited and removed should have cured it. I can say it resides within the operating system. I have 30 years experience in IT from the early versions of macro programs in Dec DDP1145 to Solaris UNix AIX etc etc and a vast group of support people I can write directly at Dell development and no one had a complete answer. Appreciate all the advice and help from those here but I am fixed.

I did feel an obligation to warn my fellow XSers if you do get it do not play with it as its primary desire is to gain access to your accounts and money.

Hey Ron, nice to see another long term IT guy on here. I first got my feet wet programming on a TRS-80 and playing with logic boards in '83. Branched off a couple times over the years into CNC Laser programming and vibration analysis then ended up right back in IT work.
I prefer to say when I started rather than how long I've been at it. Makes it not seem so long ago.

Hey Ron,

Dayam, that was a real nasty one! I was just wondering if you bothered to contact ABC and inform them of your infection, what video you had watched, etc? Also have you contacted AVG with the information?

I had actually NOT heard of this rootkit/virus, but I wouldn't have fallen for it because I know where I get my music from, my own records, CDS and sometimes iTunes, not places like P2P file sharing apps!!

Also, last year a company on Cnet Downloads was offering a free version of their hard drive backup/imaging type software, I got it, and after I had done my original install of WinXP onto my new homebuilt system, along with having all of the security updates and such to SP3 and all, I then ran the utility and created a set of reinstall DVD discs, and then surprisingly I got a chance to use them just a short time later, made wiping and reinstalling Windows much faster/easier than the Original OS discs and such!

Glad you got it wiped and running just sorry to hear that you had to do thru all of that trouble to get a clean machine!

T.C.

ABC evidently knew about it because they made the vidio not availiable. It was a pre release of Last Resort the new mini series they have aired.

I had stuff backed up to a degree my main effort was trying to identify what
it was. Kinda like being bitten by a snake you want to at least find it and cut its head off so you do not get bit again. Currently all I know is there is a version of the Ransom tied to streaming vidio that is bad news. If I had to name it it would be called Medusa.

Believe it or not, because of the association with them, the FBI is offering a remedy on their website. I was warned about this virus and couldn't believe the FBI had a solution for it. This was months ago.
For my money, or lack thereof, and according to most reviewers, the best and less intrusive anti virus, anti everything software is MS Security
Essentials, and the best part is that it's FREE !!
I'm an A+ and MCSE network engineer in the higher end tech support field.

Two cents worth.

No one program will catch everything. In general, freebie programs will only scan files after they are on your hard drive, paid-for versions scan as files are being downloaded. I use ESET Nod32, Malware anti-malware bytes (Mbam), Microsoft Essentials, and others including SpyBot, but mostly for its other utilities such as the Shred function. The MS program is free, ESET and Mbam are paid-for subscriptions.

I am an IT manager for an organization of about 175 users. Many of our PCs are laptops that travel. I have had to deal with removing viruses, but with the multi-program approach the frequency has gone down. Spend the money to get good anti-virus protection.

So do yourself a favor and do not rely on a single program. Avoid using public Wi-Fi when possible. Most of my portables now use cell card modems with unlimited data plans so users can avoid Wi-Fi.

Just like crashing on a bike, it is a question of when, not if, you will pick up a computer virus. Backup your data and keep a list of your software licenses. You will need both when you have to rebuild your PC.

For the record, I can remove most viruses, but have had a couple root-kit viruses that caused me to replace the hard drives in those units. There are some nasty bugs out there that cannot be defeated by booting into safe mode or going back to a restore point.