I was hit with the department of justice virus the other day and can't access my computer. I have an HP Elitebook 8730w running XP SP3. After realizing that I had an issue I tried to boot into safe mode with networking or command prompt to rid my machine of the virus. It won't boot into safe mode. It starts and then stops with the last line before BSOD showing \hpdskflt.sys. I tried recovery console and ran chkdsk \r with no luck either. I initially posted in the malware forum where it was suggested I download and burn otlpe.iso and burn it to a disk. Then change boot order in the bios to boot from CD. I did this but can't seem to boot from CD drive. I would appreciate any suggestions anyone on the board may have.
HP Elitebook 8730w won't boot from CD
Posted 26 November 2014 - 02:34 AM
The Department of Justice is ransomware, not an actual virus; it can lock you out of Safe Mode. If it has corrupted \hpdskflt.sys, your optical drive may stop working. What steps did you take to remove it?
When you saw \hpdskflt.sys was there an actual error message?
Can you fire up CMD from the recovery console?
Is an inserted USB stick seen in the BIOS? If yes, will it boot from USB?
Posted 26 November 2014 - 07:06 AM
As soon as I saw that I had it, I powered off the computer and tried to start in safe mode with networking. When that did not work, I tried safe mode with command, with same bsod result. Then I posted in malware to try and see if there were any suggestions there.
hpdskflt.sys was not an actual error message, just the last line shown before BSOD when trying to access safe mode.
In recovery console I ran chkdsk \r but that is all. I am not too familiar with the other commands, so I don't know if I can access cmd from the recovery console.
I will try the USB and see if the BIOS recognizes that. Thanks for your assistance.
Posted 26 November 2014 - 04:00 PM
As soon as I saw that I had it, I powered off the computer and tried to start in safe mode with networking.
Then DOJ is still present on the computer.
hpdskflt.sys was not an actual error message, just the last line shown before bsod
I would say the file is corrupt and that caused the BSOD.
Before attempting a fix, you should try to backup any Data you want to save using a live Linux Distro.
You will need a working computer and the infected one must be bootable from a USB stick. Please have a look > http://www.pendrivel...e-from-windows/
Posted 26 November 2014 - 08:29 PM
Trying to follow the directions you gave me in the link and can't seem to locate the lupo*.iso file on my machine. I have a FAT32 thumb drive and have downloaded the usb installer and selected Lucid Puppy as instructed. I have 6.72 GB of free space on the drive. Any suggestions as to what I am missing here?
Posted 27 November 2014 - 03:16 AM
From the link in reply #4, did you go > Distribution Home Page: http://puppylinux.org
On the page that opens, did you click > Get Slacko Puppy (Slackware-Compatible)
Then click > Open ibiblio.org folder of Slacko 5.7 and choose your preferred ISO*.
In the window that opens, > click slacko-5.7.0-PAE.iso
In the Save dialogue box that opens, Choose Desktop.
In the Universal Installer opened window,
Click the Browse button, navigate to the desktop, select the ISO file you saved.
Then select the USB drive letter.
Click > Create.
Try it on the good machine. It will run entirely in RAM. I accept the default settings during setup. Remember, single click only when running Linux Puppy.
Posted 27 November 2014 - 07:29 AM
The slacko file is saved to my desktop but does not show up as an available choice when choosing a file in the usb installer. I believe I am following the instructions and am probably doing something pretty stupid. I apologize for my amateurish skills here and appreciate you helping out. Any suggestions are appreciated.
Posted 27 November 2014 - 03:48 PM
Absolutely no need for apologies. Should have told you to save in Downloads for Windows 7.
From your PM, am I right, you have Slacko running?
Posted 27 November 2014 - 07:04 PM
Great. Please post back when you have saved your Data, then we can look at a fix.
Posted 27 November 2014 - 09:29 PM
Stupid question, how do I access and save the data from the HD?
Posted 28 November 2014 - 05:11 PM
There are no stupid questions, no one can be expected to know everything.
Very sorry for the delay, having some clean up to do after a severe storm.
The Slacko Distro is a little different to the Sea Monkey I use so to be able to save your Windows Data, you will need another USB stick. Will post back in about 5 hours.
Posted 28 November 2014 - 08:41 PM
Sounds like a plan. I have another USB stick ready to go. Looking forward to implementing the plan.
Posted 29 November 2014 - 12:40 AM
OK, here we go. If you get stuck, post.
Remember, single click only and am going to abbreviate, right click (r/c) and left click (l/c). Your second USB stick should be blank and formatted FAT32.
Boot to the Slacko Desktop.
Look bottom left of screen that shows icons, HDD, USB, possible FDD. There should be SDa1 for a HDD. Note down the SD# for the USB stick.
> Plug in the second blank USB stick.
> go to the top menu, > l/c the Mount icon.
> In the window that opens, at bottom left, > l/c Refresh.
> in the mount window, > for the SDa1, > l/c the (un) Mount. The Windows C drive will be displayed showing folders.
> In the Mount window, > l/c the (un) Mount for the SD# for the second USB stick, not the original one. A window for the USB stick will open.
> X close the Mount window.
NB. Take care not to delete anything when working inside the C drive, as it will be deleted from the OS drive.
Left clicking on a folder will open it, to go back, (up one) l/c the blue up arrow (top left corner of the window)
> In the C window, > l/c on the Documents and Settings folder.
> In the window that opens, > l/c on Your User Folder.
> in the window that opens, > r/c on My Documents, > in the fly out menu, > l/c Properties.
Will the My Docs folder fit on the USB stick??? If NO, stop and post back. If yes, > close the window.
> l/c on the My Docs folder and hold down.
> > Drag the folder onto clear space in the USB window and release.
> r/c on the My Docs folder in the USB window, > in the fly out menu, l/c Copy, A window showing files being copied will open, it may take one or more hours, just be patient until it has finished.
> Click the Mount icon from the top menu.
> l/c once on the (un) mount for the HDD and USB. Both windows will close.
> l/c Menu, (bottom left corner of the screen) > l/c Shutdown.
> in the window that opens, > l/c Shutdown. (or might be turn off)
> In the window that opens to "save settings" > l/c NO.
After shutdown, remove the USB sticks and test your backup one.
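The same backup done from a terminal in the live Linux session, as an added example that is not part of the original post: it checks that the folder fits before copying and compares the copy against the source afterwards. The mount points `/mnt/win` and `/mnt/bak`, the `USER` folder name and the function names are assumptions; `sda1` and `sdc1` are the device names reported in this thread and may differ on another machine.

```shell
#!/bin/sh
# Added example: command-line version of the backup steps in the post above.

# Size of a directory tree, in KiB.
tree_kb() { du -sk "$1" | awk '{print $1}'; }

# Free space, in KiB, on the filesystem that holds a path.
free_kb() { df -Pk "$1" | awk 'NR==2 {print $4}'; }

# Succeeds only if the tree SRC is smaller than the free space at DEST.
fits() { [ "$(tree_kb "$1")" -lt "$(free_kb "$2")" ]; }

# Copy SRC into DEST, then confirm every file arrived byte-for-byte.
backup_verify() {
    src=$1
    dest=$2
    if ! fits "$src" "$dest"; then
        echo "not enough free space on $dest for $src" >&2
        return 1
    fi
    # -R only: FAT32 cannot store Unix owners or permissions anyway.
    cp -R "$src" "$dest"/ || return 1
    # diff -r fails if any file is missing or differs from the source.
    diff -r "$src" "$dest/$(basename "$src")" >/dev/null
}

# On the live system, as root (assumed device names and mount points):
#   mkdir -p /mnt/win /mnt/bak
#   mount -o ro /dev/sda1 /mnt/win   # read-only: nothing on C: can be deleted
#   mount /dev/sdc1 /mnt/bak         # the blank backup stick
#   backup_verify "/mnt/win/Documents and Settings/USER/My Documents" /mnt/bak
#   umount /mnt/bak /mnt/win
```

Mounting the Windows partition read-only removes the risk the post warns about of deleting something from the C drive while browsing it.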
Posted 29 November 2014 - 10:12 PM
I am not sure if I have enough space on the 2nd usb stick. It shows up as sdc1. sda1 is the hdd. sda1 shows 298.1G/125.1G and sdc1, the second usb shows 7.5g. I do have an external seagate free agent desktop with 172G free space on it. I am sure I can clean some more of that out if it would be useful.
Before realizing that I may not have enough space I did move the my docs folder onto the 2nd usb stick and it shows up as a folder on that stick now with very little in it. In my music folder for example, it has a desktop.ini file and a sample music.ink file. I should have paid more attention to the detail. Please let me know your thoughts as to how to best proceed at this point. Thanks again and have a pleasant evening.