Solved

FBI MoneyPak Virus

Posted on 2012-12-31
6
1,142 Views
Last Modified: 2013-11-22
I got the FBI MoneyPak Virus last night and did a system restore from safemode. I then downloaded a free virus software program as recommended at malwarebytes.com. As it was running, eventually it crashed out into a blue screen and indicated it was doing a system dump. I pressed the OFF button and shut it down during that.

So I rebooted into safemode again and did a restore again. This time I used Windows Defender to do a quick scan and it found nothing. I worked a little more and there was another system dump. I pressed the OFF button and shut it down.

I rebooted and so far no more problems.

But is there more I have to do? Is it still on my system, or does System Restore take care of it? Why do you suppose I got the two system dump screens. I've gone through the sites with instructions for removal and it seems that doing a system restore should be enough.

I never click an executable that I didn't specifically download and don't know what it is. This is a development computer. I never download or watch videos on here, nor music. I don't do anything on illegal websites. I don't watch porn. I only use this for programming, checking mail. My mail has two forms of spam detector on it so spam goes directly there without me doing anything with it. I have no clue how I got this.

Thanks.
0
Comment
Question by:Starr Duskk
  • 3
  • 3
6 Comments
 
LVL 10

Expert Comment

by:cbmm
ID: 38733082
This is a very common virus caused by drive by download. A website was visited that had this infection, which one..hard to say. A very easy virus to remove, hence the reason that the restore fixed it. Install Microsoft Security Essentials, run a scan, it will probably turn up nothing. How to prevent, very hard as no antivirus is 100%. Could be from a google search.
0
 
LVL 2

Author Comment

by:Starr Duskk
ID: 38733179
My question was, "DID MY RESTORE FIX IT?" After all, I had the system shut itself down twice with a system dump after both restores. So is there something else that needs to be done?

I'd like perhaps someone who had this virus to confirm what they did to remove it all.

thanks.
0
 
LVL 10

Accepted Solution

by:
cbmm earned 500 total points
ID: 38733223
Your restore removed the entry from msconfig that started the virus when the computer booted. I have removed this virus manually from probably over 50 computers. If you would like to verify, go to start--search programs and files--type msinfo32--go to software environment--startup programs--file export--give the file a name and save it. Attach the results here. Also, to double check i recommended installing Microsoft Security Essential and running a scan
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 2

Author Comment

by:Starr Duskk
ID: 38733464
Is Microsoft Security Essential  not Windows Defender, which I already ran?
0
 
LVL 2

Author Comment

by:Starr Duskk
ID: 38733499
0
 
LVL 10

Expert Comment

by:cbmm
ID: 38733502
That all depends on what version of windows you are running. Windows 8, defender is antivirus and spyware. In windows 7 or vista, it is only spyware and microsoft  essentials is needed for antivirus
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
A brand new malware strain was recently discovered by security researchers at Palo Alto Networks dubbed “AceDeceiver.” This new strain of iOS malware can successfully infect non-jailbroken devices and jailbroken devices alike.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question