US Dept of Justice ransomware

Hello, I'm trying to remove this ransomware that has infected my Dad's PC. I regret that I am unable to achieve this. It has frozen and locked my screen. I cannot even get to the Start menu. Would someone please give me some assistance? Thanks in advance for your time and consideration.
Gary

Is this the one that you’re referring to?

http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware

Those instructions should help you.

Thanks for your response, but no, it is not the one you refer to. This is a “money pak” United States Dept of Justice virus. I tried using the Anvisoft repair link and it still comes back, even when I try and start in safe mode. Getting a little frustrated here. lol

Ah, I assume you’re trying these instructions then: http://forums.anvisoft.com/viewtopic-45-2726-0.html#p9816

If those don’t help, you should follow these instructions and post your logs so that a malware expert can assist you.
http://forum.avast.com/index.php?topic=53253.0

Thank you again Scythe… but I cannot DL anything to that computer… I can't even get it to open in Safe Mode. I get the ransomware screen every time I try to open in safe mode. I'm in a world of hurt here, aren't I?

removal expert is notified…should be here soon

Hi, do you have access to another computer to either download and burn a CD or insert on a spare USB drive?

What is the operating system: XP, Vista, 7 or 8?
And is it 32 or 64bit?

Yes, I'm using my laptop now to communicate.

using win 7 on LTop

64 bit

Download the following three programmes to your desktop:

  1. WiNToBootic
  2. Windows 7 64bit RC
  3. Farbar Recovery Scan Tool x64

Extract wintoboot to your desktop
Insert a USB drive of at least 1GB
Run Wintoboot

http://dl.dropbox.com/u/73555776/wintoboot.JPG

Drag and drop the Windows 7 ISO to the programme in the space indicated
Tick the Format box and accept the warnings
Press Do It

You will see it progressing

http://dl.dropbox.com/u/73555776/usb%20progress.JPG

It will let you know when it is done
Then copy FRST to the same USB

http://dl.dropbox.com/u/73555776/frstwintoboot.JPG

Insert the USB into the sick computer and start the computer, first ensuring that the system is set to boot from USB.
Note: If you are not sure how to do that, follow the instructions here

When you reboot you will see this, although yours will say Windows 7. Click Repair my computer

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7275.jpg

Select your operating system

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277202.jpg

Select Command prompt

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277.jpg

At the command prompt type the following:

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select “Computer” and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.

https://dl.dropbox.com/u/73555776/FRST%20Start%20scan.gif

Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Thank you, I will give it my best shot and will report my progress.

The scan should enable me to pinpoint the bad boys, remove them and allow you to return to normal Windows.

I'm sorry, but I think I have misled you. The system I'm trying to save is Windows XP. Have I downloaded the wrong programs, i.e. WiNToBootic, etc.?

Yes, for XP we need the following

Please print these instructions out so that you know what you are doing

  1. Download OTLPENet.exe to your desktop
  2. Download Farbar Recovery Scan Tool and save it to a flash drive.
  3. Ensure that you have a blank CD in the drive
  4. Double click OTLPENet.exe and this will then open ImgBurn to burn the file to CD
  5. Reboot your system using the boot CD you just created.
     Note: If you do not know how to set your computer to boot from CD follow the steps here
  6. As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
  7. Your system should now display a Reatogo desktop.
     Note: as you are running from CD it is not exactly speedy
  8. Insert the flash drive with FRST on it
  9. Locate the flash drive and run FRST
  10. The tool will start to run.

http://i1224.photobucket.com/albums/ee362/Essexboy3/Farbar/FRST2.gif

  11. When the tool opens click Yes to disclaimer.
  12. Press Scan button.
  13. It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

sigh…failed. sry to waste your time

failed…sigh sry to waste your time

In what way did it fail?

The initial run will not cure the problem, as I have to locate and then kill the malware, hence the FRST run.

HitmanPro KickStart removes all kinds of ransomware quite easily. Besides, it’s easier to use than, let’s say, bootable CDs. By the way, I think Avast! team should think about similar tools as well because I believe that ransomware will dominate this year. An easy to use tool targeting at least Reveton family would be great :)

@techlike99 the problem is that the later versions come with ZeroAccess, and improper removal of that will stop the computer booting