FBI/DOJ virus, now locks out safe mode as well. Any ideas for removal?

+
0 Votes
Locked

Locrian_Lyric
The new version locks you out of Windows safe mode with networking as well.

Any ideas on how to block it long enough to run some removal programs to get it out, or some that I can boot into to get this darn thing off?
  • +
    0 Votes
    henricharles

    FBI/DOJ is actually not a virus; it is actually a kind of ransomware program. You can check: it will not be detectable by your antivirus program because it is specifically designed by cyber criminals and hackers. So if you are infected with it, then you install any third-party antimalware program from another PC and then install it on your PC and scan the whole computer. It will 100% detect and remove all types of malware from your computer. It is a free download; you do not have to pay a single penny. To download, click here: http://www.malwareremovaltips.com

    +
    1 Votes
    Clendanielc

    I would remove the hard drive and use it as a secondary or external hard drive. I would then use malware tools, such as Malwarebytes, and antivirus software to scan the external drive. You might also have to Google this type of virus to delete the executables, registry paths, etc. yourself in order to get safe mode to work or Windows to boot.

    If all else fails, get a new hard drive and restore everything from a backup. If you didn't back up the drive or its files, you can try to restore the files from the infected drive. Choose a group of files and scan them each time before you bring them to the new drive. You don't want to grab the virus that caused this issue to begin with.

    I had a client that received this file once. Strangely enough, it was when he tried to download an episode of Criminal Minds off of a forum. He thought the FBI actually locked his PC. Too funny! Not for me though, it was a pain to get rid of. Luckily he only received stage one of the virus, which allowed safe mode. It seems it has adapted to the environment.

    Good Luck!
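
The batch-by-batch restore described in the post above, as an added Python example that is not part of the original thread. It assumes the old drive is mounted on a clean machine and that ClamAV's `clamscan` is the scanner; `restore_in_batches`, the `clamscan` wrapper and `RISKY_SUFFIXES` are hypothetical names chosen for this sketch.

```python
import shutil
import subprocess
from pathlib import Path

# Assumption: these types are left behind entirely, since they can carry the
# infection to the new drive (the list is illustrative, not exhaustive).
RISKY_SUFFIXES = {".exe", ".dll", ".scr", ".com", ".pif", ".bat", ".cmd",
                  ".vbs", ".js", ".lnk"}

def clamscan(paths):
    """Scan one batch with ClamAV's clamscan; return the set of flagged paths."""
    proc = subprocess.run(
        ["clamscan", "--no-summary", "--infected", *map(str, paths)],
        capture_output=True, text=True)
    if proc.returncode not in (0, 1):   # 0 = clean, 1 = detections, 2 = error
        raise RuntimeError(proc.stderr.strip() or "clamscan failed")
    # Detections are printed as "<path>: <signature name> FOUND".
    return {Path(line.rsplit(": ", 1)[0])
            for line in proc.stdout.splitlines() if line.endswith(" FOUND")}

def restore_in_batches(src, dst, scan=clamscan, batch_size=200):
    """Copy files from the old drive to the new one, scanning each batch first."""
    src, dst = Path(src).resolve(), Path(dst).resolve()
    report = {"restored": [], "flagged": [], "skipped": []}
    candidates = []
    for path in sorted(src.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        if path.suffix.lower() in RISKY_SUFFIXES:
            report["skipped"].append(path.relative_to(src))
        else:
            candidates.append(path)
    for start in range(0, len(candidates), batch_size):
        batch = candidates[start:start + batch_size]
        flagged = scan(batch)           # scan on the old drive, before copying
        for path in batch:
            rel = path.relative_to(src)
            if path in flagged:
                report["flagged"].append(rel)   # stays on the old drive
                continue
            target = dst / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(path, target)
            report["restored"].append(rel)
    return report
```

A scanner error aborts the run before that batch is copied, so nothing unscanned reaches the new drive.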

    +
    0 Votes
    Locrian_Lyric

    Thanks, great idea!

    +
    1 Votes
    dldorrance

    Any experience removing this malware with F-Secure, Kaspersky or Avira, all available as bootable CDs, hence obviating the need to use Windows as the OS?

    +
    0 Votes
    Locrian_Lyric

    I'll try that one too.

    +
    2 Votes
    maggie5150

    I use a bootable DVD which I would create on a safe PC. UBCD is a free boot CD utility that also comes bundled with antivirus/malware/rootkit utilities. These can be updated (program file + definition files) and then slipstreamed into the DVD image. So the burned image is bang up to date.

    This can then be used to host a virtual OS complete with utilities to disinfect the problem computer. UBCD can be had from here http://www.ubcd4win.com/

    +
    0 Votes
    Locrian_Lyric

    THANKS!!!! That's GREAT!

    +
    2 Votes
    OH Smeg

    Try looking at this TR Blog Link from Michael Kassner. It covers exactly what you want to know here.

    www.techrepublic.com/blog/security/rescue-cds-tips-for-fighting-malware/3803

    Col

    +
    0 Votes
    Locrian_Lyric

    thanks

    +
    1 Votes
    techie

    Try using "Remove Fake Anti-virus" and then run "Combofix". Run a search online and you will find both these tools. It has worked every time for me.

    +
    0 Votes
    Locrian_Lyric

    thank you, I will try that.

    +
    1 Votes
    Bruce Epper

    A neighbor ended up getting this latest version & called me to deal with it. The Bitdefender Rescue CD should work as long as you have a video setup that uses a resolution greater than 800x600. If you don't, it will run through the entire detection process, but you will not be able to access the buttons at the bottom of the screen to remove them. I ended up using the Trinity Rescue Kit 3.4 and running the command-line version of Bitdefender from there. It found and removed the problem files. Malwarebytes with the then-latest definitions could not find it.

    +
    1 Votes
    pentangelli

    I tried just about every fix I could find after weeding through the pages and pages of supposed answers that said nothing except "I have this problem too, did you figure it out yet?" Well, I got sick of it and figured it out myself. Here's the trick.
    Download and burn (borrow someone else's computer if you have to) a copy of Hiren's Boot CD. Burn the ISO to a CD. Once you have the CD, put it into your computer and boot from it. Choose "MINI XP mode". Allow it to boot to a desktop. Ignore the fact that tools like Malwarebytes and other antispyware tools are there. Click on Setup network and allow the computer to do so. Launch the browser and Google Malwarebytes. Download it to the C: drive. (Don't choose the default location for the download, because obviously you cannot write files to a CD.) Launch the program when done. Ignore the 2 or 3 error messages that pop up. Malwarebytes will launch and update itself. Run a full scan. This will delete the items that prevent your computer from being accessible in normal mode. When done, remove the disk and boot into normal mode. From there run Combofix and allow it to do its thing. It will reboot your computer. After that run SUPERAntiSpyware and maybe Norton Power Eraser (NPE). After this run your antivirus program to be super redundant. But you should be OK. I've fixed probably like 25 computers with this variant in the past month. $$ For me, but my tip to you! Good luck!

    +
    0 Votes
    T9RKELL

    I created a bootable USB drive with HitmanPro Kickstart and cleaned my PC.
