For every question, there's an answer -- and you'll find it here!


Printer-friendly copy
Top The PC Q&A Forum The Computer Forum topic #545076
View in linear mode

Subject: "How to Remove the FBI MoneyPak Malware Virus?" Previous topic | Next topic
adirongWed Aug-01-12 07:11 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
"How to Remove the FBI MoneyPak Malware Virus?"
Wed Aug-01-12 08:06 PM by adirong

          

http://www.winknews.com/Local-Florida/2012-07-23/Call-for-Action-FBI-computer-scam-warning

My Dad's Vista Home Premium laptop is now infected with this virus and I don't know how to tell him to fix it. He has Avira, SuperAnti spyware, SpywareBlaster, SS&D, AdAware. Is there anything I can do to help him get rid of that nasty virus? He can't get online at all. Is his information on his PC safe??

I need the safest, easiest, step by step directions, I C a lot when I google but I'd like a most trusted source if you all can recommend one please.

Thanks

Edit: Dad says Avira free detected the virus but it was after he hit "remove" that he got infected with it

Adirondack Girl

  

Alert Printer-friendly copy | | Top

Replies to this topic
Subject Author Message Date ID
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 01st 2012
1
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
2
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
3
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
4
      RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
5
           RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
6
                RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
7
                     RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
8
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
11
      RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
12
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
9
      RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
10
           RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 02nd 2012
13
                RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 03rd 2012
14
                RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 03rd 2012
15
                     OFF-TOPIC BUT PERTINENT NOTE TO THE ABOVE THREAD.
Aug 03rd 2012
16
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 06th 2012
17
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 07th 2012
18
      RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 07th 2012
19
           RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 07th 2012
20
                RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 08th 2012
21
                     RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 08th 2012
22
                     RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 12th 2012
23
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 16th 2012
24
RE: How to Remove the FBI MoneyPak Malware Virus?
Aug 27th 2012
25

TtechWed Aug-01-12 10:35 PM
Member since Aug 06th 2002
9876 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#1. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 0)
Wed Aug-01-12 10:35 PM by Ttech

  

          

If I remember correctly, your dad is in another state. If he isn't tech savvy enough to download some software tools on another computer and take them to his computer on a CD or flash drive, then he will need assistance from somebody who is technical.

I saw this infection the other day. I used ComboFix and Malwarebytes to remove it.

None of the security programs on the computer now will help because internet access is blocked and they can't get updates. You really need to get rid of Adaware, and I don't remember the last time I used Spybot, although it may still be a useful program.

Behind every good computer... is a jumble of wires 'n stuff.

  

Alert Printer-friendly copy | | Top

    
adirongThu Aug-02-12 02:28 AM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#2. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Ttech (Reply # 1)
Thu Aug-02-12 02:34 AM by adirong

          

Quote:
If I remember correctly, your dad is in another state. If he isn't tech savvy enough to download some software tools on another computer and take them to his computer on a CD or flash drive, then he will need assistance from somebody who is technical.


You have a good memory! I think he can handle that! I haven't used the ComboFix prog before but I've used Malwarebytes. Will these have to be run in safe mode? Not sure he can access his desktop? I'll have him DL these and go from there, hopefully he can do this tomorrow and I'll post back, thank you

Edit: my concern with the Combo Fix is that if he doesn't have the windows recovery console installed then there will be now way for him to install it since he is unable to access the internet because of the virus he now has so then the ComboFix will be of no help right?

Adirondack Girl

  

Alert Printer-friendly copy | | Top

        
jbmcmillanThu Aug-02-12 02:40 AM
Member since Jul 17th 2002
5268 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#3. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 2)


          

I don't have it either (recovery console)and I ran it about a week ago with no problems (not saying that is always the case). It tries to create a restore point before proceeding and just tell him to just leave it alone even if it takes a while as it can stall out if you click on the window.You don't really install this just run it.

  

Alert Printer-friendly copy | | Top

            
CompPeteThu Aug-02-12 03:30 AM
Member since Apr 17th 2004
3167 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#4. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to jbmcmillan (Reply # 3)


  

          

ComboFix DOES install when you run it, but not in the conventional way. After you get everything all cleaned up, go to the Run window (Windows key + R) and type in "combifix /uninstall" to uninstall it.

  

Alert Printer-friendly copy | | Top

                
jbmcmillanThu Aug-02-12 04:52 AM
Member since Jul 17th 2002
5268 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#5. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to CompPete (Reply # 4)


          

Ran it a while back maybe a week ago and I tried your command and it just says it can't find it.I just thought it did it itself when it ended.

  

Alert Printer-friendly copy | | Top

                    
CompPeteThu Aug-02-12 06:38 AM
Member since Apr 17th 2004
3167 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#6. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to jbmcmillan (Reply # 5)


  

          

The uninstall won't work if you've already deleted the Combofix.exe file. But just deleting it doesn't uninstall it.

http://www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

  

Alert Printer-friendly copy | | Top

                        
jujet84Thu Aug-02-12 12:29 PM
Charter member
3342 posts
Click to send email to this authorClick to view this author's profileClick to add this author to your buddy list
#7. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to CompPete (Reply # 6)


          

Quote From MajorGeeks cortious of Kestrel13!

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /uninstall
Notes: The space between the combofix" and the /uninstall, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

  

Alert Printer-friendly copy | | Top

                            
jbmcmillanThu Aug-02-12 01:23 PM
Member since Jul 17th 2002
5268 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#8. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to jujet84 (Reply # 7)


          

Next time I will read things myself instead of going on other people's instructions .

  

Alert Printer-friendly copy | | Top

        
TtechThu Aug-02-12 06:04 PM
Member since Aug 06th 2002
9876 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#11. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 2)


  

          

There is no recovery console in Vista. Just run combofix, it will be fine. As mentioned by someone else, uninstall or disable Avira first.

Behind every good computer... is a jumble of wires 'n stuff.

  

Alert Printer-friendly copy | | Top

            
adirongThu Aug-02-12 09:33 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#12. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Ttech (Reply # 11)


          

Ok, will do.

Adirondack Girl

  

Alert Printer-friendly copy | | Top

    
adirongThu Aug-02-12 05:03 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#9. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Ttech (Reply # 1)


          

Once he gets these two programs installed on a flash drive then what should his next steps be to get rid of this nasty virus so I can talk him thru it?

Adirondack Girl

  

Alert Printer-friendly copy | | Top

        
CompPeteThu Aug-02-12 05:18 PM
Member since Apr 17th 2004
3167 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#10. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 9)


  

          

I'd uninstall Avira first because it can conflict with Combofix.
Copy Combofix to the desktop, and run it.
When its done, attach the log file here for review if possible.

  

Alert Printer-friendly copy | | Top

            
adirongThu Aug-02-12 09:33 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#13. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to CompPete (Reply # 10)
Fri Aug-03-12 01:59 AM by adirong

          

Thanks, I wouldn't have thot about that!

EDIT: The flash drive my Dad will use to DL those progs on is not blank. My next question is, will the flash drive get infected with the virus from his computer??

Adirondack Girl

  

Alert Printer-friendly copy | | Top

                
TtechFri Aug-03-12 02:14 AM
Member since Aug 06th 2002
9876 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#14. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 13)


  

          

No way to know for sure. If it has important data on it, make sure it's backed up or use another flash drive or a CD-R. Flash drives shouldn't be used to archive data anyway, they are too vulnerable and unreliable.

Behind every good computer... is a jumble of wires 'n stuff.

  

Alert Printer-friendly copy | | Top

                
CompPeteFri Aug-03-12 10:16 AM
Member since Apr 17th 2004
3167 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#15. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 13)


  

          

I can't guarantee anything, but I'd say with 99.9999% confidence that the flash drive will not get infected with anything. Its always a good idea to back up data though.

  

Alert Printer-friendly copy | | Top

                    
SidFri Aug-03-12 02:35 PM
Charter member
5023 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#16. "OFF-TOPIC BUT PERTINENT NOTE TO THE ABOVE THREAD."
In response to CompPete (Reply # 15)


          

I would just like to point out how representative this thread is of the value of this forum. Where else on earth can a person get the outpouring of neighborly help such as from those who have posted above??? Damned near gives me goose bumps to think about it!

.
Onward & Upward !
Sid

ASUS P8Z77-V Pro MB
Intel i5 3750K CPU
8g Corsair Vengeance DDR3 RAM
Antec P280 case
Corsair Neutron GTX

  

Alert Printer-friendly copy | | Top

TtechMon Aug-06-12 06:05 PM
Member since Aug 06th 2002
9876 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#17. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 0)


  

          

I just cleaned up another PC with this infection. Couldn't do anything from normal or safe modes, had to use safe mode with command prompt. Then was able to navigate to my flash drive, E: in this case, and run combofix.exe. This removed the infection.

Behind every good computer... is a jumble of wires 'n stuff.

  

Alert Printer-friendly copy | | Top

    
jbmcmillanTue Aug-07-12 02:25 AM
Member since Jul 17th 2002
5268 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#18. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Ttech (Reply # 17)


          

Did it take a while running from the flash drive?

  

Alert Printer-friendly copy | | Top

        
TtechTue Aug-07-12 03:09 AM
Member since Aug 06th 2002
9876 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#19. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to jbmcmillan (Reply # 18)


  

          

No, the combofix.exe file that I carry with me is downloaded from bleepingcomputer.com. This installs and runs combofix on the c: drive.

Behind every good computer... is a jumble of wires 'n stuff.

  

Alert Printer-friendly copy | | Top

            
adirongTue Aug-07-12 06:32 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#20. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Ttech (Reply # 19)
Tue Aug-07-12 10:52 PM by adirong

          

Dad ran the mbam scan after installing as late a version as he could but that didn't get rid of the moneypak virus for him. Before installing the ComboFix he ran his AdAware and that fixed his problem since he was then able to get back online after doing so. I had long given up on AdAware but I will have to rethink that one now!

My question is now, how do I know the virus is totally gone? Should we still run ComboFix if his PC seems to be running properly now? I'm not familiar with ComboFix and from what you all say it's a lil' more complex of a prog. Thanks for all the help. Do I have to uninstall my antivirus or just disable it to run ComboFix?

Adirondack Girl

  

Alert Printer-friendly copy | | Top

                
HoratioWed Aug-08-12 01:38 AM
Charter member
4162 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#21. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 20)
Wed Aug-08-12 02:34 AM by Horatio

          

I would run these three

TDSKiller
http://support.kaspersky.com/faq/?qid=208283363

Hitman Pro (30 day free trial)

http://www.surfright.nl/en/hitmanpro/

and Malwarebytes

If he can get on the internet his machine is no longer locked down so running those three above will probably clean up what is left, and there will probably be some odds and ends still there in different locations.

I've never seen these programs have any problems with antivirus scanners but you could disable yours if you want to.

I would explain to him after he is cleaned up how to delete all his system restore points and then create a new one.

  

Alert Printer-friendly copy | | Top

                    
StevehikerWed Aug-08-12 02:49 AM
Charter member
716 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#22. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Horatio (Reply # 21)
Wed Aug-08-12 02:53 AM by Stevehiker

          

I ran MalwareBytes in Safemode. It didn't find anything. I used my laptop to download ComboFix to the desktop of the laptop and then burned it to a CD. I put the CD into my infected computer, but had to do it in stages, because with ComboFix, you're supposed to close most of your antivirus, and malware programs (SuperAntiSpyware is okay to keep running). It took a few restarts to close all the programs I needed to, because the virus would show up again and lock things up; so I did a restart, closed another program, etc. Anyway, I got them closed and ran ComboFix off the CD and everything is now fine. Once ComboFix starts running, it just keeps going, even though the virus tries to start up again.

I called the FBI in San Francisco and passed on the info on ComboFix. They were glad to have the information.

Steve

  

Alert Printer-friendly copy | | Top

                    
adirongSun Aug-12-12 02:47 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#23. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Horatio (Reply # 21)
Sun Aug-12-12 02:49 PM by adirong

          

I didn't even think about creating a new system restore point and deleting the old ones! Makes sense. Lil scary in a way since I haven't even done something like that in ages. I will have to be careful in this matter. Any further tips much appreciated. Thanks.

Adirondack Girl

  

Alert Printer-friendly copy | | Top

TtechThu Aug-16-12 03:53 AM
Member since Aug 06th 2002
9876 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#24. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to adirong (Reply # 0)


  

          

Some interesting info about the FBI Warning infection.

http://krebsonsecurity.com/2012/08/inside-a-reveton-ransomware-operation/

Behind every good computer... is a jumble of wires 'n stuff.

  

Alert Printer-friendly copy | | Top

    
adirongMon Aug-27-12 04:46 PM
Charter member
1595 posts
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#25. "RE: How to Remove the FBI MoneyPak Malware Virus?"
In response to Ttech (Reply # 24)


          

thanks..

Adirondack Girl

  

Alert Printer-friendly copy | | Top

Top The PC Q&A Forum The Computer Forum topic #545076 Previous topic | Next topic
Powered by DCForum+ Version 1.27
Copyright 1997-2003 DCScripts.com
Home
Links
About PCQandA
Link To Us
Support PCQandA
Privacy Policy
In Memoriam
Acceptable Use Policy

Have a question or problem regarding this forum? Check here for the answer.