Solved

FBI MoneyPak Virus

Posted on 2012-12-31
Last Modified: 2013-11-22
I got the FBI MoneyPak Virus last night and did a system restore from Safe Mode. I then downloaded a free virus software program as recommended at malwarebytes.com. As it was running, eventually it crashed out into a blue screen and indicated it was doing a system dump. I pressed the OFF button and shut it down during that.

So I rebooted into Safe Mode again and did a restore again. This time I used Windows Defender to do a quick scan and it found nothing. I worked a little more and there was another system dump. I pressed the OFF button and shut it down.

I rebooted and so far no more problems.

But is there more I have to do? Is it still on my system, or does System Restore take care of it? Why do you suppose I got the two system dump screens? I've gone through the sites with instructions for removal and it seems that doing a system restore should be enough.

I never click an executable that I didn't specifically download and don't know what it is. This is a development computer. I never download or watch videos on here, nor music. I don't do anything on illegal websites. I don't watch porn. I only use this for programming, checking mail. My mail has two forms of spam detector on it so spam goes directly there without me doing anything with it. I have no clue how I got this.

Thanks.
Question by:Starr Duskk
6 Comments
 
LVL 10

Expert Comment

by:cbmm
ID: 38733082
This is a very common virus caused by drive-by download. A website was visited that had this infection, which one... hard to say. A very easy virus to remove, hence the reason that the restore fixed it. Install Microsoft Security Essentials, run a scan, it will probably turn up nothing. How to prevent, very hard as no antivirus is 100%. Could be from a Google search.
0
 
LVL 2

Author Comment

by:Starr Duskk
ID: 38733179
My question was, "DID MY RESTORE FIX IT?" After all, I had the system shut itself down twice with a system dump after both restores. So is there something else that needs to be done?

I'd like perhaps someone who had this virus to confirm what they did to remove it all.

thanks.
0
 
LVL 10

Accepted Solution

by:
cbmm earned 2000 total points
ID: 38733223
Your restore removed the entry from msconfig that started the virus when the computer booted. I have removed this virus manually from probably over 50 computers. If you would like to verify, go to Start > Search programs and files > type msinfo32 > go to Software Environment > Startup Programs > File > Export, give the file a name and save it. Attach the results here. Also, to double-check, I recommended installing Microsoft Security Essentials and running a scan.
0
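The startup-programs export suggested in the accepted solution can also be triaged with a short script. This is an added example, not part of the thread: it assumes the msinfo32 text export lists tab-separated columns (Program, Command, User Name, Location) under a `[Startup Programs]` heading, the user-writable-path heuristic is an assumption, and the sample rows are constructed.

```python
import re

# Heuristic (assumption, not from the thread): autostart commands that run
# from user-writable directories deserve a manual look.
USER_WRITABLE = re.compile(
    r"%(appdata|localappdata|temp|programdata)%|\\(appdata|temp|programdata)\\",
    re.IGNORECASE)

def startup_entries(export_text):
    """Return the rows of the [Startup Programs] section as dicts."""
    rows, header, in_section = [], None, False
    for line in export_text.splitlines():
        if line.startswith("["):            # a new section heading
            in_section = line.strip() == "[Startup Programs]"
            header = None
            continue
        if not in_section or not line.strip():
            continue
        cells = [c.strip() for c in line.split("\t")]
        if header is None:                  # first non-blank row is the header
            header = [c for c in cells if c]
            continue
        rows.append(dict(zip(header, cells)))
    return rows

def review_list(export_text):
    """Startup rows whose command runs from a user-writable directory."""
    return [r for r in startup_entries(export_text)
            if USER_WRITABLE.search(r.get("Command", ""))]

def _row(*cells):
    return "\t".join(cells) + "\t\n"

RUN_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
# Constructed sample in the assumed export layout, not a real export.
SAMPLE_EXPORT = (
    "[Services]\n\n" + _row("Display Name", "Name", "State")
    + _row("Windows Update", "wuauserv", "Running")
    + "[Startup Programs]\n\n"
    + _row("Program", "Command", "User Name", "Location")
    + _row("Sidebar", r"%ProgramFiles%\Windows Sidebar\sidebar.exe /autorun",
           r"PC\dev", "HKU\\S-1-5-21-0\\" + RUN_KEY)
    + _row("example-updater", r"C:\Users\dev\AppData\Roaming\example-updater.exe",
           r"PC\dev", "HKU\\S-1-5-21-0\\" + RUN_KEY)
    + _row("MSC", r'"c:\Program Files\Microsoft Security Client\msseces.exe" -hide',
           "Public", "HKLM\\" + RUN_KEY)
    + _row("example.lnk", r"%TEMP%\example.exe", r"PC\dev", "Startup")
)

if __name__ == "__main__":
    for r in review_list(SAMPLE_EXPORT):
        print(r["Program"], "|", r["Command"], "|", r["Location"])
```

A flagged row is a prompt for manual review, not a verdict: legitimate software also starts from per-user directories.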

 
LVL 2

Author Comment

by:Starr Duskk
ID: 38733464
Is Microsoft Security Essentials not Windows Defender, which I already ran?
0
 
LVL 10

Expert Comment

by:cbmm
ID: 38733502
That all depends on what version of Windows you are running. Windows 8, Defender is antivirus and spyware. In Windows 7 or Vista, it is only spyware and Microsoft Essentials is needed for antivirus.
0


Question has a verified solution.
