Sunday, June 23, 2013

ICE MoneyPak Virus - RansomWare - HiJack... How to remove.

You may have missed a new development or hybrid within that virus. System is stuck in a boot loop, Safe Mode disabled to a degree, causes instant reboot to Windows (Normal Mode), upon which an immediate desktop seizure and full screen advert is pushed on user, along with disabled peripherals (Kb/M). Hirem's Boot CD seems well suited and indeed does forego the HD based loop, but BlueScreen is returned when trying to load System Registry. The Hive becomes unaccessible. MalwareBytes, TrendMicro and other reputable AV softkings provide a bootable image of their particular Scan/Heal Apps, so backdoor is always open, provided the HD can be accessed through either proper Windows login credentials or System Account. Let run destructive (for the daring - otherwise Clean and Quarantine) every suspicious instance, reboot and check system status. IF original persistent malware surfaces, go use System Restore, paying heed to where the first initial warning events took place and concentrate your booting and repair on that date/snapshot. Good luck.