01-01-2013 08:31 PM
I tried the fix and it didn't go so well. I tried to run the custom code below in safe mode with networking and the malware wouldn't let it run, it went to the FBI screen again after I clicked run fix in OTL. Now I see a couple new files added on my desktop, a .bat file and a .ini file (can't see names) that must be from the malware. Problem is I think it now morphed into my safe mode because I can't even boot up to the desktop now in safe mode without networking, the FBI screen shows up every time I try to briefly and then it goes to a blank gray screen where I can't do anything. I try to go to task manager and that doesn't work either.
Now I'm really at a loss on what to do. Can it be fixed through the command prompt or is there another way?
01-01-2013 09:32 PM - edited 01-01-2013 09:38 PM
Boot into safe mode with command prompt and type in explorer.exe when CMD appears and hit enter..your desktop should now appear..now try OTL fix again.Ensure to keep the network cable/internet unplugged..dont forget to upload the folder for me as said in my otl fix
Dont delete any files on the desktop..they are system files...I will rehide them at the end.
01-03-2013 08:20 PM
I tried multiple times to boot into safe mode with command prompt and it takes me to the log on page where I enter my password for Windows, then after I log in it gives the FBI/Moneypak screen where I can't do anything. Is there another solution we can try?
01-04-2013 01:37 AM
Lets get behind this ransom's ass...
01-05-2013 10:52 AM
I'd like to try the fix you are suggesting but I can't get to the desktop at all. At start up I have tried to boot to safe mode, safe mode with networking and safe mode with command prompt and each time it now brings me to the malware FBI message that completely locks up my PC. Can't get around it to task manager or anything. Before I tried the OTL fix I could at least boot up to safe mode, now I can't even do that. Even when I try to boot to the command prompt it still loads Windows and then I get the screen message.
Thoughts on a plan B?
01-05-2013 10:31 PM
You should be able to Make OTLPENET disc from a clean machine and then we can have the ransom removed from OTL enviroment...this is Plan B...I even Have Plan C ready
01-19-2013 08:55 AM
Last night, I got infected with the DOJ Ransomware virus that states "Your computer has been blocked....." and it asks you to go to a MoneyPack location and pay $4.95 to get a keycode and type into space provided to release lock. I was able to bypass this with a trick, but why does Trend Micro not have this on its list of viruses? Apparently this has been around for a while? Can someone from Trend Micro respond please?
01-23-2013 04:05 PM
What "trick" did you use to get around it? Did you remove it? I've tried rebooting in Safe w/ Networking mode and the malware keeps shutting me down. I did manage to get Trend Micro Internet Security 2012 to run once completely and it detected nothing!!!! Then rebooted again to Windows and I was still locked up by the US Dept of Justice Ransom screen. Get on the ball Trend Micro and get a solution for this! I have up to date protection and still can't get rid of this.
01-23-2013 07:03 PM
civres,please make a new topic in this part of the forum to get removal help.
03-15-2013 03:11 AM
I'm well aware that new virii are not immediately detectible.
I'm well aware that companies promising protection, cannot deliver.
I'm well aware that companies promising protection, fall dreadfully short of what they should get done.
I'm aware that Norton is almost as hard to get rid of as a virus.
I've just recently become aware of this "gap" in trend micro's abilities.
Detection is not always possible, but remediation for people that pay money to a company that dropped the ball...that should be a definite. Where is the info on removing this? A flash drive image? Instructions? Anything? He paid you money....Anything?
P.S. Just because your boys didn't make the virus, doesn't mean they don't need to solve it.