Department of Justice Virus trouble

T

techyguy717

Member
Reaction score
1
This virus is giving me trouble. Ever technique that usually works is failing, with Windows 8.

Here is the exact screen I'm seeing.
http://malwaretips.com/blogs/department-of-justice-virus/

Tried the following:
- Safe mode. (Virus instantly pops up over task manager)
- Safe mode command prompt goes to graphic safe mode
Using (bcdedit /set {default} safeboot minimal)
- No restore points.
- Nothing suspicious in these registry points:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\
- "HitmanPro Kickstart" no USB detected on BOOT
- "HitmanPro Kickstart" USB detected on legacy boot mode, but then freezes on any option.
- "Microsoft Defender Offline" USB Boot find nothing.
- "Kaspersky Rescue" USB Boot finds nothing.
 
If this is similar at all to the Canadian "Cybercrime" virus, mount the drive to a test rig and scan with Malwarebytes.

After that it should be clean enough to finish up with the usual stuff (Adwcleaner, JWT, manual checks, etc.)
 
perhaps linux?

You could try mounting it through linux, and finding the offending files and removing them, or running a scanner from linux to the ntfs drive that is infected. Perhaps something like INSERT (inside security rescue toolkit?) Or perhaps something similar.
 
Bootable CD

You can change bios to allow unsecure boot and use a boot cd to clean up virus, then log in and clean it up like your normally would.
 
Attached Hard Drive to Bench PC and scanned with Malwarebytes and Gdata. Nothing Found. Nothing is found when scanning from boot disks either.

But when booting to Windows, system is obviously affected and completely unusable.

Is there a way around this? Why do none of the tools detect this?
 
Have you tried Process Explorer to check out any unknown or odd running processes? Suspend, rather than kill ones you suspect, and see if it makes a difference. Do the click and submit to VirusTotal to see if they are listed.

When my usual scans don't work, I think it's faster to go after it manually, instead of sitting through more scans.
 
Altrenda,

Yes, but unfortunately, the virus screen pops up immediately, even in safe mode. Every action is blocked, except a hard shutdown. I can't find the virus in the registry or folders ether.
 
Ruin a bootable CD, I think that there is a link to a Windows 8 pe disk on here you can download, maybe try running rogue killer from there from there.
 
Still no go. Everything I'm doing has no effect. No change.

I'm attempting to get the Administrator activated at the Windows 8 login screen.

Every thing I'm doing to activate this, is not working.

https://4sysops.com/archives/offline-enable-the-windows-8-built-in-administrator-account/

ohio_grad_06,
I do not think these boot disks are working. The virus is not detectable by anything, even my DIAG PC Rig. I can't boot into windows, without the virus popping up and disabling all keyboard and mouse control.
 
You might have a rootkit there. Check the partitions on the drive against a good Windows 8 system. See if there's an extra one there.
 
You must log in or register to reply here.

Similar threads

T
Seeking understanding of why new Dell gamer laptops can't use Device Encryption
Replies
3
Views
409
Markverhyden
Markverhyden
Appletax
AVG hosed the OS - BSODs, bootrec/fixboot "Access is Denied"
2
Replies
25
Views
3K
britechguy
britechguy
A
BSOD on boot
Replies
17
Views
2K
ell
E
C
Having a hard time tracking this virus fix.
Replies
15
Views
1K
Sky-Knight
Sky-Knight
XFalloutX
Win 10 Safe Mode
Replies
15
Views
2K
Briggsy
B
Back
Top