Solved

FBI MoneyPak Virus

Posted on 2012-12-31
6
1,116 Views
Last Modified: 2013-11-22
I got the FBI MoneyPak Virus last night and did a system restore from safemode. I then downloaded a free virus software program as recommended at malwarebytes.com. As it was running, eventually it crashed out into a blue screen and indicated it was doing a system dump. I pressed the OFF button and shut it down during that.

So I rebooted into safemode again and did a restore again. This time I used Windows Defender to do a quick scan and it found nothing. I worked a little more and there was another system dump. I pressed the OFF button and shut it down.

I rebooted and so far no more problems.

But is there more I have to do? Is it still on my system, or does System Restore take care of it? Why do you suppose I got the two system dump screens. I've gone through the sites with instructions for removal and it seems that doing a system restore should be enough.

I never click an executable that I didn't specifically download and don't know what it is. This is a development computer. I never download or watch videos on here, nor music. I don't do anything on illegal websites. I don't watch porn. I only use this for programming, checking mail. My mail has two forms of spam detector on it so spam goes directly there without me doing anything with it. I have no clue how I got this.

Thanks.
0
Comment
Question by:BobCSD
  • 3
  • 3
6 Comments
 
LVL 10

Expert Comment

by:cbmm
ID: 38733082
This is a very common virus caused by drive by download. A website was visited that had this infection, which one..hard to say. A very easy virus to remove, hence the reason that the restore fixed it. Install Microsoft Security Essentials, run a scan, it will probably turn up nothing. How to prevent, very hard as no antivirus is 100%. Could be from a google search.
0
 
LVL 1

Author Comment

by:BobCSD
ID: 38733179
My question was, "DID MY RESTORE FIX IT?" After all, I had the system shut itself down twice with a system dump after both restores. So is there something else that needs to be done?

I'd like perhaps someone who had this virus to confirm what they did to remove it all.

thanks.
0
 
LVL 10

Accepted Solution

by:
cbmm earned 500 total points
ID: 38733223
Your restore removed the entry from msconfig that started the virus when the computer booted. I have removed this virus manually from probably over 50 computers. If you would like to verify, go to start--search programs and files--type msinfo32--go to software environment--startup programs--file export--give the file a name and save it. Attach the results here. Also, to double check i recommended installing Microsoft Security Essential and running a scan
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Author Comment

by:BobCSD
ID: 38733464
Is Microsoft Security Essential  not Windows Defender, which I already ran?
0
 
LVL 1

Author Comment

by:BobCSD
ID: 38733499
0
 
LVL 10

Expert Comment

by:cbmm
ID: 38733502
That all depends on what version of windows you are running. Windows 8, defender is antivirus and spyware. In windows 7 or vista, it is only spyware and microsoft  essentials is needed for antivirus
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now