Dept. of Justice - Ransomware: Locked up computer, incl. SAFE MODE

rdgizmo

New Member
Thread author
Jul 31, 2013
11
I am having an issue with HitmanPro/Kickstart with a Dept. of Justice ransomware. Tried HitmanPro/Kickstart, but it will not detect the malware. Have contacted SurfRight, and they suggested that I review your removal tips...

I am using a Dell XPS 420, with Windows 7 Ultimate (32-bit), with a RAID 1 (mirror) setup; IE 9; Trend Micro Titanium did not detect or remove. Their techs could not assist successfully as I could not network. System shows DOJ screen at every turn. System Restore unsuccessful.

I am unable to use Safe Mode with Command Prompt or with Networking, so I tried the Kaspersky Rescue Disk as suggested on the site. I have downloaded and burned 3 separate disks with the same results... Once it boots up and Kaspersky initiates, I get a message that the data files (virus/malware/etc.) are corrupted (not out of date, as is shown in your instructions). I try to update them so it can scan my system, but the update fails at about 30% complete, and retries fail immediately. Therefore no scan can take place. What can I do?
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Hi and welcome to the malwaretips.com forums!

I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
  • I will start working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print off the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Can you please try to run a scan with Farbar Recovery Scan Tool? You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.
 

rdgizmo

New Member
Thread author
Jul 31, 2013
11
Kuttus,

I ran the FRST.exe scan and have attached the logfile.

Regards,
rdgizmo
 

Attachments

  • FRST.txt
    4 KB · Views: 124

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Hi rdgizmo,

It seems there is something not right in the scan results. Please run the FRST scan once more and send me a new scan log.
 
