
My dad got the department of justice moneypak virus on his computer!


  • This topic is locked
2 replies to this topic

#1 jackiedogood

  • Members
  • 2 posts

Posted 20 January 2014 - 05:10 PM

I'm pretty sure I have Malwarebytes Anti-Malware installed on the computer but the DOJ virus has completely locked me out. I have tried running in safe mode, safe mode with networking, and safe mode with command prompt but the DOJ pop up still shows up immediately. I even tried running them with my LAN unplugged and router off but then I just get a popup (presumably from the virus) that says "turn off safe mode and connect to the internet" or something to that effect. Now the weird part is that when I ran the virus in the three safe modes with the web still connected it never mentioned that I had it in safe mode. I read that HitmanPro Kickstart on a USB will get rid of it but my dad has files on the computer that he wants to keep and I've read that HitmanPro could accidentally delete those files. I'm assuming this is a new version of the virus because no one seems to have made a post about it anywhere on the internet. Can someone please help me? Also the computer is a desktop running Windows Vista. I can't take a screenshot of it because I can't even use the computer but I took a picture of it.
http://i1129.photobucket.com/albums/m511/thiskid7u7/0120141406-00.jpg

Edit: Moved topic from Windows Vista to the more appropriate forum.~ Animal


 


#2 InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 20 January 2014 - 09:24 PM

Boot into the recovery console and perform a system restore to a point a few days prior to the infection.

 

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

 

Once you have done the system restore then run a scan with TDSSKiller & ESET.

 

Please download TDSSKiller.exe to your desktop. Vista/Windows 7 users right-click and select Run As Administrator.

  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.

 

 

 

Please scan your machine with ESET OnlineScan
You will need to disable your antivirus prior to scanning.

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and Remove Found Threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESET Scan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


#3 Platypus

  • Moderator
  • 14,482 posts
  • Gender:Male
  • Location:Australia

Posted 20 January 2014 - 10:16 PM

Same topic responded to by MRT:

 

http://www.bleepingcomputer.com/forums/t/521514/my-dad-accidently-downloaded-the-department-of-justice-moneypak-virus/

 

This topic closed to avoid confusion.


Top 5 things that never get done:

1.




