Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DoJ Moneypak Virus


  • Please log in to reply
7 replies to this topic

#1 usairways85

usairways85

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 15 September 2013 - 12:21 PM

Hi,

I believe I have been infected with the Department of Justice moneypak virus and can't do much to try to remove it.

 

Running XP  (it's an old computer so I do not have the boot cd)

Boot in regular & last known good the virus appeared within seconds and eventually get a blue screen

Boot in last known good (while disconnected from internet) and virus appeared in about 2-3 minutes

Boot in any Safe mode I get a blue screen of death. 

 

Can someone help me out and get this fixed?



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:07 PM

Posted 15 September 2013 - 07:00 PM

Hello -

There are several versions, so check this linked picture, and read the given directions first.

 

Please start with THIS GUIDE and see if it helps with removal -

 

Thank You -



#3 usairways85

usairways85
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 15 September 2013 - 09:04 PM

I followed the instructions, put the Kickstart on a usb.

I selected Boot from USB from the boot menu and then option 1 "Bypass master boot record".

I received the following message:

Couldn't open drive multi(0)disk(0)rdisk(0)partition(2)

NTLDR: Couldn't open drive multi(0)disk(0)rdisk(0)partition(2)

 

I hit enter and windows started but the Hitman Pro window never appeared

 

One thing to note is that I created the Kickstart on a 64 bit machine and the infected computer is a 32 bit



#4 anthonycuk

anthonycuk

  • Banned Spammer
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:07 PM

Posted 16 September 2013 - 04:44 AM

Usually, Windows XP infected with lock up virus will not be able to get into safe modes. But you can try with safe mode with command prompt.

 

method 1 : Once you see a flashing slash, pls type 'explorer' (no quote), then hit enter key. You will see desktop, then go to Control Panel and create a new user account with administrator right. Restart the computer and get into that newly created user account > Go into Drive C and find folders entitled the name of the locked up user account > navigate to Roaming and Temp folders to find abnormal files and delete them > restart back to original locked up user account (normal mode).

 

 

method 2: If you still see the lock up page: restart the infected computer (cold restart)> keep tapping F8 key > select safe mode with command prompt again > see a flashing slash > type 'net user /add' > hit Enter key > restart the computer and get into that newly created user account  named 'net user' > Go into Drive C and find folders entitled the name of the locked up user account > navigate to Roaming and Temp folders to find abnormal files and delete them > restart back to original locked up user account (normal mode).

 

method 3:  if the two above will not show you a usable desktop, you may need expert help.



#5 usairways85

usairways85
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 16 September 2013 - 07:33 AM

Yes, unfortunately I am locked out of all safe modes right now.



#6 usairways85

usairways85
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 17 September 2013 - 06:49 PM

Any other suggestions?  I've tried several alternatives including the one provided in the link, Kaspersky, Windows Defender offline and I still get a blue screen when booting into normal or safe mode. 



#7 anthonycuk

anthonycuk

  • Banned Spammer
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:07 PM

Posted 23 September 2013 - 03:13 AM

Do you have Windows CD? If so, use your Windows CD to repair your computer first, all you need to do now is to get into the system before you are able to delete items.



#8 usairways85

usairways85
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 23 September 2013 - 06:45 AM

Not quite sure how I did it but this problem has been fixed.

Thanks






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users