United States Department of Justice MoneyPak Virus Interface




Share on Twitter Share on Stumble Upon Share on Digg Share on Delicious


Providing cost-effective local computer repair and network support in the middle Tennessee area

Remote Access Portal

Remote Access Icon
Home About Us Onsite Services Online Services Self Help Pricing Blog Inquiries

The Department of Justice MoneyPak virus can be acquired by visiting compromised or malicious websites and also by executing infected files and attachments. Once it has compromised a computer, it locks the system down and displays threatening messages . The messages indicate that your system has been locked and that it can be unlocked once you pay  the fine through a MoneyPak transaction



How To Remove The United States Department Of Justice MoneyPak Virus

You’ll need to download the two utilities listed below for this removal. Download them on a clean system and then transfer them to the infected system via a cd or flash drive.


TDSSKiller

Malwarebytes


  1. Okay, once you’ve downloaded and transferred the files, if your computer is already powered on, restart it into "Safe Mode with Command Prompt" by pressing the "Function F8" at system start up before the Windows Logo appears.













  1. At the logon screen, log into an account with administrative rights.
  2. Once you're logged in the command prompt should appear.
  3. At the command prompt type "CD windows\system32" (Unless your Windows installation is located in another file folder. If that is the case substitute "Windows" for the name of your particular Windows folder.















  1. Next, to start Windows System Restore type "rstrui.exe"















  1. Once the System Restore interface has opened, click "Next" and then select a restore point that was created a week or more before your computer was compromised. If you don't see restore points for the date that you need click "Show More Restore Points".



















  1. Click next and follow the prompts. If system restore fails to restore your system to the listed restore point, go back through this procedure and choose a data a little farther back and try the restore again. If system restore  repeatedly fails, use the second removal option below to remove the virus.
  2. After your system has been restored, execute the copy of TDSSKiller to remove any possible root kit infections associated with this virus.



















  1. Select the additional options before you start the scan.



















  1. Follow the prompts and reboot if necessary.
  2. Next, execute the copy of Malwarebytes and run a complete system scan to clean up any remaining threats.




















At this point your work should be complete and your system should be back to normal. If you still receive the rasomware pop ups though, use the removal technique below to remedy your situation.


_______________________________________________________________


Second  Technique to Remove the Department Of Justice MoneyPak Virus


You'll need to download a few removal utilities on a clean system and then transfer the files to the infected system via a flash drive or cd.



You will need to download:






  1. Once you have downloaded the files and copied them onto a flash drive or cd, restart the infected computer into "Safe Mode with Command Prompt" by pressing the "Function F8" key at system start up.














  1. At the logon screen select an account with administrative rights.
  2. Once you're logged in and the command prompt is displayed, insert the flash drive or cd with the copied virus removal utilities that you downloaded.
  3. Next, navigate to the drive letter of the flash drive or cd. If you copied the files onto a cd the drive letter will probably be "D" or maybe "E". If you copied the files onto a flash drive, depending on your system configuration you may have to try several letters systematically before you locate the correct drive letter.
  1. Next, if you created a folder on the drive and then copied the utilities into that folder type "CD {Your Folder Name}". An example would be "Cd software" if you named the folder "Software".






























  1. Next, execute the copy of TDSSKiller. Select the additional options before you start the scan.




































  1. Once it's completed execute the copy of "Combofix" by typing "combofix.exe" unless you named the file something else.















  1. If you have a active anti-virus installed "Combofix will display a warning once it detects it. If that is the case, cancel "Combofix and instead navigate back to the partition that Windows is installed on and start the "Windows Explorer" by typing "explorer". Then quickly afterwards disable your anti-virus in the lower right corner. If Combofix doesn’t display any anti-virus warnings and you know you don’t have an anti-virus that has real time protection activated, skip this step and the next.















  1. Once the Anti-virus is disabled open the "Task Manager" by pressing "Ctrl, Atl & Delete" simultaneously one time. Once the task manager opens select the "Processes" tab, click on explorer and then "End Process' in the lower right.


  1. Now navigate back to the external drive and directory that you were in before and execute "Combofix” once more. Let it complete it's 50 to 60 stage scan and removal of any detected malicious software on your system.


  1. Once it has completed and displayed the log, execute the copy of Malwarebytes by typing it's executable. "Type "Dir" to list the directory contents once again if you're unsure of the filename.




















  1. Reboot the system afterwards and check for the ransomware pop ups and proper Internet connectivity. If everything looks okay you should be done at this point. If not, and the virus pops up again, you'll need to contact a computer repair professional to resolve your computer virus issue.








Smith Technical Resources makes no guarantees or claims that the information contained in this article will help you completely remove the above listed malicious program(s) from your computer.  There are several variations of each particular virus in the wild . And the procedure listed above may not be adequate for the specific version of the virus that your computer has been compromised by.

If you feel uncomfortable performing any of the procedures that we've listed on this page, please contact a professional computer repair company in your area and have them complete the needed repairs on your computer. Smith Technical Resources takes no responsibility for any possible damage that could result from your use of the above instructions.

©Smithtechres.com 2013 All Rights Reserved. Website Privacy Policy. Site Map

Windows XP Advanced Options Menu Windows 7 Command Prompt Windows 7 Command Prompt Windows 7 System Restore Interface Kaspersky TDSSKiller Interface Kaspersky TDSSKiller options menu malwarebytes interface Windows XP Advanced Options Menu Windows 7 Command Prompt Windows 7 Command Prompt Kaspersky TDSSKiller interface Windows 7 Command Prompt Command Prompt malwarebytes interface Kaspersky TDSSKiller options menu

Related Tutorials That May Be Of Interest To You

  1. FBI MoneyPak Virus Removal Tutorial
  2. Mandiant USA Cyber Security Ransomware Removal Tutorial

The FBI and Mandiant Logos are the property of their respective organizations.

Mandiant Logo FBI Logo

You may also be interested in the following tutorials:


Department Of Justice Virus Removal