• Status: Solved

FBI Virus Hijack

HP Desktop running Vista has the FBI Startup page, the MoneyPak one with the USA pictured with the Flag.
I have tried the standard fixes with no luck.
PC will not boot to CMD prompt or Safe Mode.
The drive is in the machine right now but can be slaved to this PC. I can mount the drive either in this PC or the affected one.
I've posted here before with the same basic problem but this time nothing works.

Starting from scratch OK with me.

Pete
Asked by: cfourkays

aadih Commented:
Starting from scratch (reinstall) will work.

You may like, however, to use a rescue disk (e.g., Avira) to boot and scan the PC and see if that clears up the virus.
 
dec0mpile Commented:
If you do not want to format your system, you can use the following steps to remove the virus:

Use the Windows installation disk to go into the recovery console:

Click "Repair Your Computer" to open the Recovery Console. The Recovery Console window opens. Click "Command Prompt" to open the Windows command line utility.

Type "bootrec.exe /fixmbr" and press "Enter." The "/fixmbr" switch indicates that you want to fix the MBR.

Remove the DVD from the drive and reboot your computer.

Then load Windows and execute:
Roguekiller http://tigzy.geekstogo.com/roguekiller.php

After Roguekiller runs, delete and fix all files that it detects (including the MBR if this is affected).

Immediately after Roguekiller, run ComboFix:
http://www.bleepingcomputer.com/download/combofix/

You can read about the virus here:
http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware

NOTE: You may need to rename the files and/or use the right-click "Run As" command and run them from a different account to get them to start.
 
kdubendorf Commented:
I've also used HitmanPro on this package with some success. If Safe Mode doesn't work, use HitmanPro.Kickstart. You can put it on a USB and boot from the USB. It will clean the MoneyPak virus.

After you get it clear with HitmanPro, run Malwarebytes and then try ComboFix.

That should do it for you.
 
cfourkays (Author) Commented:
This one was an SOB.
Final cleaner was HitmanPro from boot.
Thanks, all.
Question has a verified solution.
