FBI MoneyPak Virus

Posted on 2012-12-31
Last Modified: 2013-11-22
I got the FBI MoneyPak Virus last night and did a system restore from safemode. I then downloaded a free virus software program as recommended at As it was running, eventually it crashed out into a blue screen and indicated it was doing a system dump. I pressed the OFF button and shut it down during that.

So I rebooted into safemode again and did a restore again. This time I used Windows Defender to do a quick scan and it found nothing. I worked a little more and there was another system dump. I pressed the OFF button and shut it down.

I rebooted and so far no more problems.

But is there more I have to do? Is it still on my system, or does System Restore take care of it? Why do you suppose I got the two system dump screens. I've gone through the sites with instructions for removal and it seems that doing a system restore should be enough.

I never click an executable that I didn't specifically download and don't know what it is. This is a development computer. I never download or watch videos on here, nor music. I don't do anything on illegal websites. I don't watch porn. I only use this for programming, checking mail. My mail has two forms of spam detector on it so spam goes directly there without me doing anything with it. I have no clue how I got this.

Question by:Starr Duskk
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 10

Expert Comment

ID: 38733082
This is a very common virus caused by drive by download. A website was visited that had this infection, which one..hard to say. A very easy virus to remove, hence the reason that the restore fixed it. Install Microsoft Security Essentials, run a scan, it will probably turn up nothing. How to prevent, very hard as no antivirus is 100%. Could be from a google search.

Author Comment

by:Starr Duskk
ID: 38733179
My question was, "DID MY RESTORE FIX IT?" After all, I had the system shut itself down twice with a system dump after both restores. So is there something else that needs to be done?

I'd like perhaps someone who had this virus to confirm what they did to remove it all.

LVL 10

Accepted Solution

cbmm earned 500 total points
ID: 38733223
Your restore removed the entry from msconfig that started the virus when the computer booted. I have removed this virus manually from probably over 50 computers. If you would like to verify, go to start--search programs and files--type msinfo32--go to software environment--startup programs--file export--give the file a name and save it. Attach the results here. Also, to double check i recommended installing Microsoft Security Essential and running a scan
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.


Author Comment

by:Starr Duskk
ID: 38733464
Is Microsoft Security Essential  not Windows Defender, which I already ran?
LVL 10

Expert Comment

ID: 38733502
That all depends on what version of windows you are running. Windows 8, defender is antivirus and spyware. In windows 7 or vista, it is only spyware and microsoft  essentials is needed for antivirus

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question