Stone Emissary
dr24
Posts: 6
Registered: ‎12-30-2012

Re: Hijack This Log Review Win 7: FBI/Moneypak Malware

I tried the fix and it didn't go so well. I tried to run the custom code below in safe mode with networking and the malware wouldn't let it run, it went to the FBI screen again after I clicked run fix in OTL. Now I see a couple new files added on my desktop, a .bat file and a .ini file (can't see names) that must be from the malware. Problem is I think it now morphed into my safe mode because I can't even boot up to the desktop now in safe mode without networking, the FBI screen shows up every time I try to briefly and then it goes to a blank gray screen where I can't do anything. I try to go to task manager and that doesn't work either.

 

Now I'm really at a loss on what to do. Can it be fixed through the command prompt or is there another way?

Legendary Noble
malwarekiller
Posts: 3,978
Registered: ‎08-08-2011

Re: Hijack This Log Review Win 7: FBI/Moneypak Malware

[ Edited ]

Hi,

 

Boot into safe mode with command prompt and type in explorer.exe when CMD appears and hit enter... your desktop should now appear... now try the OTL fix again. Ensure to keep the network cable/internet unplugged... don't forget to upload the folder for me as said in my OTL fix.

Don't delete any files on the desktop... they are system files... I will rehide them at the end.

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Stone Emissary
dr24
Posts: 6
Registered: ‎12-30-2012

Re: Hijack This Log Review Win 7: FBI/Moneypak Malware

I tried multiple times to boot into safe mode with command prompt and it takes me to the log on page where I enter my password for Windows, then after I log in it gives the FBI/Moneypak screen where I can't do anything. Is there another solution we can try?

Legendary Noble
malwarekiller
Posts: 3,978
Registered: ‎08-08-2011

Re: Hijack This Log Review Win 7: FBI/Moneypak Malware

Let's get behind this ransom's ass...

  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open ImgBurn to burn the file to CD

  • Reboot your system using the boot CD you just created.
    Note: If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :) 

  • Your system should now display a Reatogo desktop.
    Note: as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Quick Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive. 
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.
Stone Emissary
dr24
Posts: 6
Registered: ‎12-30-2012

Re: Hijack This Log Review Win 7: FBI/Moneypak Malware

I'd like to try the fix you are suggesting but I can't get to the desktop at all. At start up I have tried to boot to safe mode, safe mode with networking and safe mode with command prompt and each time it now brings me to the malware FBI message that completely locks up my PC. Can't get around it to task manager or anything. Before I tried the OTL fix I could at least boot up to safe mode, now I can't even do that. Even when I try to boot to the command prompt it still loads Windows and then I get the screen message.

 

Thoughts on a plan B?

Legendary Noble
malwarekiller
Posts: 3,978
Registered: ‎08-08-2011

Re: Hijack This Log Review Win 7: FBI/Moneypak Malware

You should be able to make an OTLPENet disc from a clean machine and then we can have the ransom removed from the OTL environment... this is Plan B... I even have Plan C ready ;)

Stone Esquire
mgaramani
Posts: 1
Registered: ‎01-19-2013

Department of Justice Ransomware

Last night, I got infected with the DOJ Ransomware virus that states "Your computer has been blocked....." and it asks you to go to a MoneyPak location and pay $4.95 to get a keycode and type it into the space provided to release the lock. I was able to bypass this with a trick, but why does Trend Micro not have this on its list of viruses? Apparently this has been around for a while? Can someone from Trend Micro respond please?

Stone Esquire
civres
Posts: 2
Registered: ‎01-23-2013

Re: Department of Justice Ransomware

What "trick" did you use to get around it?  Did you remove it? I've tried rebooting in Safe w/ Networking mode and the malware keeps shutting me down. I did manage to get Trend Micro Internet Security 2012 to run once completely and it detected nothing!!!!  Then rebooted again to Windows and I was still locked up by the US Dept of Justice Ransom screen.  Get on the ball Trend Micro and get a solution for this!  I have up to date protection and still can't get rid of this.

Legendary Noble
malwarekiller
Posts: 3,978
Registered: ‎08-08-2011

Re: Department of Justice Ransomware

civres, please make a new topic in this part of the forum to get removal help.

Stone Esquire
IncredibleStorm
Posts: 1
Registered: ‎03-15-2013

Re: FBI MoneyPak virus

I'm well aware that new viruses are not immediately detectable.

I'm well aware that companies promising protection, cannot deliver.

I'm well aware that companies promising protection, fall dreadfully short of what they should get done.

I'm aware that Norton is almost as hard to get rid of as a virus.

I've just recently become aware of this "gap" in Trend Micro's abilities.

Detection is not always possible, but remediation for people that pay money to a company that dropped the ball...that should be a definite. Where is the info on removing this? A flash drive image? Instructions? Anything? He paid you money....Anything?

P.S. Just because your boys didn't make the virus, doesn't mean they don't need to solve it.
