I was recently presented with a DOJ Ransomware infection by a new client. It looked like previous infections I have seen, which I have removed in relatively short order. This one was different! The system had Windows Vista and 1 GB RAM. I first booted into Safe Mode, no luck, there it was. Then Safe Mode with Command Prompt. The lock screen did not appear until I tried to run a scanner or load Explorer, then I was locked out again. From a command prompt I ran System Restore back to well before the infection arrived. No joy.

I booted with a utility boot disk (which shall remain nameless) and ran Malwarebytes, which found and removed some files. SUPERAntiSpyware (both full and portable) kicked a BSOD. Ran every scan on 2 different utility boot discs. Removed the hard drive and connected it to a clean machine. Scanned with Avast, Malwarebytes and so many tools I can't even remember. Avast found and removed 55 infected files, HitmanPro found another dozen or so, etc. etc. I researched every cure I could find. I tried TDSSKiller, Malwarebytes Rootkit Remover, and on and on and on. Trend Micro HouseCall found nothing, as did SAS (after the others had done their thing). HijackThis revealed nothing.

I put the HD back in its machine; the curse was still there. I booted again into Safe Mode with Command Prompt, brought up the Task Manager and watched for something unusual to show up. Started Explorer and kept watching Task Manager. The curse showed up before I could see anything in Task Manager. You get the idea. My wife said I'm like a dog with a bone. Unfortunately, I didn't have the time to start a thread here and let the experts have their way. I ultimately wiped the HD and installed Win7, which, at least, was an improvement over Vista.
I've been repairing computers professionally for almost 15 years; this is the first time I have been absolutely beaten. I probably spent 10 hours on this infection, only to be defeated.
I posted this to let others know, there's a new variation on the prowl, and it's a b****h!!!