cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

FBI MoneyPak Scam - Removing Virus

Jump to solution

Hi,

I am new in the forums so please forgive me if I'm in the wrong discussion area.

I got hit with the FBI MoneyPak virus which Mcafee didn't catch and have tried hard to remove it with limited results.

Here's where I'm at:

1. I disconnected from the internet and the blocking page disappeared.

2. I restarted in SafeMode and tried to locate the files in the Registry Editor.

3. LiveAdmin has a promising Uninstall Guide, but It wasn't clear enough to get me to the particular files.

4. I have Windows 7, if that is helpful and will happily provide any further info about my particular case in order to help others

down the road.

This is soooo frustrating and a waste of people's time and I would appreciate any help!

Many thanks!

PS I noticed Hayton had begun to respond to this problem (thanks!), but I couldn't find the thread again.

1 Solution

Accepted Solutions
vinoo
Level 13
Report Inappropriate Content
Message 55 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Here are the steps i got from tech support to manually deal with this.

  • If infection is active – reboot computer to Safe Mode with CommandPrompt.
  • In Command Prompt Window type explorer.exe
  • Locate the infected file and rename the malware file
    • Infected file location is usually %Temp% or %Appdata%
  • Use GetSusp/Autoruns if you're having trouble locating the infected file.
  • Reboot the computer to Normal Mode.
72 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Moved to Malware Discussion > Home User Assistance.

Your easiest way out of anything like this is to try to initiate System Restore.  If it wont start in regular mode you can initiate it in Safe Mode reached by tapping F8 repeatedly while booting up.

Go to Start/All Programs/Accessories/System Tools or go to Start/Run and type rstrui.exe and click OK to any prompts or you can even simply click the Start button and type it in the search box, then click it when it appears in the box above.

Try to restore to a time before all this happened.   If successful make sure to update everything that needs it, even parts of Windows you may not use such as Internet Explorer for example.

If that fails then try running Stinger from the last link in my signature below.

If that fails try Malwarebytes Free also linked there.  Update it before running and not that it can be installed, updated and run all in Safe Mode with Networking if need be.

If that fails you may be able to find a solution using a Google Search for Uninstall FBI Moneypak but be very careful to only go to reliable sites, assuming you are using SiteAdvisor or WoT ot similar to guard your browsing, or try posting a Hijakcthis log on one of the forums I suggest in that link near the bottom.

Message was edited by: Ex_Brit on 14/07/12 6:02:24 EDT PM

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Many thanks, Ex_Brit and Hayton!

It is great when someone is willing to help. I'll try all of the above

and thanks again!

Gothamguy

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

I too got the fbi MP virus, system restore helped  and my machine is back running but is that virus STILL in my machine and is further actions needed.

Doing system restore in safe mode done the trick.....

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 5 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

You need to temporarily disable System Restore to delete the infected restore point and that will be all that's needed hopefully.

You can access it by right-clicking 'Computer' (or 'My Computer' if XP) and selecting Properties, then go to the System Protection tab.

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

THX...See if i got this right... got the MP virsus 7-14. Im not sure which restore point i used but it worked. Looking at the restore points the last one before 7-14 was 7-11, not to b confused with the convience store... Is that it?

AND further... i have C Cleaner and i can go to the tool section and remove old restore points... Just happened that there was a new restore point today (it wont let you remove the latest)

If this is true then it will be an easy fix as i usually remove old restore points..

And to further elaborate, if there wasnt a restore fix made today i could always make one and that would allow you to remove even the latest?

It makes cents to me but I will wait for your or someone elses opinion...

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 7 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

You can't remove the last restore point because that was the one you just did.

I said temporarily disable System Restore in other words turn it off, Apply and OK any prompts.  Then turn it back on again.

Please do not use CCleaner for that purpose.

Message was edited by: Ex_Brit on 15/07/12 11:42:39 EDT AM

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

When i turned off SR i couldnt access any restore points. are you saying just turn it off and then back on again or actualy delete some files? thx agn..

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

I may have answered my own ? , i went back to look at the restore points and they are gone.... no reply is needed thank for your assistance....

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 10 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Exactly, that's got rid of all of them...just in case.  Now turn it back on & feel free to create a new one if you wish if all is OK now.

😉