Hello, Im trying to remove this ransomware that has infected my Dads PC. I regret that I am unable to achieve this. It has frozen and locked my screen. I cannot even get to Start menu. Would someone please give me some assistance? Thanks in advance for your time and consideration.
Gary
Is this the one that you’re referring to?
http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware
Those instructions should help you.
thanks for your resonse, but no, it is not the one you refer to. this is a “money pak” United states Dept of Justice virus. I tried using the anvisoft repair link and it still comes back.Evenwhen i try and start in safe mode. Getting a little frustrated here. lol
Ah, I assume you’re trying these instructions then: http://forums.anvisoft.com/viewtopic-45-2726-0.html#p9816
If those don’t help, you should follow these instructions and post your logs so that a malware expert can assist you.
http://forum.avast.com/index.php?topic=53253.0
thank you again Scythe…but I cannot DL anything to that computer…I cant even get it to open in Safe Mode. I get the ransomware screen everytime i try to open in safe mode. Im in a world of hurt here arent I?
removal expert is notified…should be here soon
Hi do you have access to another computer to either download and burn a CD or insert on a spare USB drive ?
What is the operating system XP, Vista, 7 or 8
And is it 32 or 64bit
Yes Im using my laptop now to communicate.
using win 7 on LTop
64 bit
Download the following three programmes to your desktop :
Extract wintoboot to your desktop
Insert a USB drive of at least 1GB
Run Wintoboot
http://dl.dropbox.com/u/73555776/wintoboot.JPG
Drag and drop the Windows 7 ISO to the programme in the space indicated
Tick the Format box and accept the warnings
Press Do It
You will see it progressing
http://dl.dropbox.com/u/73555776/usb%20progress.JPG
It will let you know when it is done
Then copy FRST to the same USB
http://dl.dropbox.com/u/73555776/frstwintoboot.JPG
Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here
When you reboot you will see this although yours will say windows 7. Click repair my computer
http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7275.jpg
Select your operating system
http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277202.jpg
Select Command prompt
http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277.jpg
At the command prompt type the following :
notepad and press Enter.
The notepad opens. Under File menu select Open.
Select “Computer” and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
https://dl.dropbox.com/u/73555776/FRST%20Start%20scan.gif
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
thank you, I will give it my best shot. and will report my progress.
The scan should enable me to pinpoint the bad boys, remove them and allow you to return to normal windows
im sorry but I think i have misled you. the system im trying to save is windows xP. Have i downloaded the wrong programs? ie wintobootic, etc.?
Yes, for XP we need the following
Please print these instruction out so that you know what you are doing
[*]Download OTLPENet.exe to your desktop
[]Download Farbar Recovery Scan Tool and save it to a flash drive.
[*]Ensure that you have a blank CD in the drive
[*]Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
[*]Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
[*]As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
[*]Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
[]Insert the flash drive with FRST on it
[]Locate the flash drive and run FSRT
[]The tool will start to run.
http://i1224.photobucket.com/albums/ee362/Essexboy3/Farbar/FRST2.gif
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
sigh…failed. sry to waste your time
failed…sigh sry to waste your time
In what way did it fail ?
The initial run will not cure the problem as I have to locate and then kill the malware hence the FRST run
HitmanPro KickStart removes all kind of ransomware quite easily. Besides, it’s easier to use than let’s say bootable CDs. By the way, I think Avast! team should think about similar tools as well because I believe that ransomware will dominate this year. An easy to use tool targeting at least Reveton family would be great
@techlike99 the problem is that the later versions come with zero access and improper removal of that will stop the computer booting