I work as a computer tech at a PC repair shop, and I've encountered a newer version of the MoneyPak (FBI, Department of Defense, etc.) virus.
In the past, I've tried one of the following:
Booting into safe mode (w/ networking or only CMD if required) and then running Malwarebytes, ComboF, etc.
Booting into Mini XP/Linux off of a USB or CD and then manually removing the infection from AppData/Program Data, etc.
None of these methods have worked so far, though. It's an All-In-One HP (Win7) with a PITA process of removing the HDD, so I would rather not take the HDD out and scan it if I don't have to.
I can boot into safe mode (w/ CMD), but whenever I run anything (whether it's rkill, combofix, TDSS Killer, etc., even JRT) the virus locks up the screen. I have to log out and log back in for it to work again, only for it to start again as soon as a new process is run. I tried Kickstart with Hitman, but the results found no malware at all.
Anyone have any ideas how to solve this one?