Never keep 2 antivirus applications together on the same machine as they can clash and actually admit malware as a result. One + something like Malwarebytes Free or SuperAntispyware or similar is fine as those don't have the real-time antivirus component.
See the last link in my signature for a few suggestions.
The first weapon when something untoward strikes is a) don't click anything at all, b) power off completely, c) reboot into Safe Mode and initiate System Restore to before it all happened.
If successful turn System Restore off and back on again to delete the infected restore point and don't forget that everything may need updating afterwards. That is an invaluable escape machanism.
I used CtrlAltDel to try to access the task manager and shut FBI Scam Screen down but instead the FBI Scam screen came back. I did CtrlAltDel again and logged off. That worked and I logged on as a guest. I was able to run system restore by providing my admin password. Once restored the scam was gone.
You said "If successful turn System Restore off and back on again to delete the infected restore point and don't forget that everything may need updating afterwards." Not clear what happens when you turn system restore off and on. Why does it remove latest restore points?
By temporarily turning it off it will delete the infected restore point, along with all the others of course, but at least the machine will be rid of it. Then turn it back on to start creating normal restore points once again.
Here are the steps i got from tech support to manually deal with this.
i am suffering with trojan virus. my pc is not working normally. some time it is open many aplications automatically. how i removw this virus.
The first thing to do when one of these hits is DO NOT CLICK ANYTHING not even the 'X' to dismiss any popups. Power down immediately, reboot into Safe Mode by tapping F8 repeatedly while booting up.
From there intitiate System Restore to before all this started.
Otherwise, there is an excellent removal guide here: http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware
Or simply read through this entire thread for multiple choices for dealing with this.Message was edited by: Ex_Brit on 19/10/12 7:09:18 EDT AM
I took the hard drive out and put it in a case with USB connector and plugged it into another compiuter. I ran Malware, Superanti Spyware, Kapersky and McAfee. It got rid of the malware I think because the second time I ran all the above it did not find anything. When I put it back into the computer I ran all that again and it found some more stuff.
At least I got to safe mode and regular mode. Before that no matter what I did I could not get to a screen where I could do anything. I did notice the hang time that you were talking about. If it happens again I will try that.
This morning the virus checkers ran again ad they are still finding stuff but nothing that has interfered with starting the system. It has to be hiding really well.
Thanks for the suggestions.
Hi i am brand new and i had the fbi money pak scam happen to me I deleted the user but am still getting virus messages Iam completewly lost and have no idea if since i bought my macafee tonight if it took all the registry and trojans when I ran it / It said one of my reg files was replaced by malware how can i know if its off my puter/?????
Any help would be appreciated
first I would restore back to a point before you gopt it. Do this in safe mode as mentioned above post 44.
as well as the other sites mentioned here is a good 1st point of attack
Of all the methods of removing the FBI MoneyPak Scam malware, starting the infected PC in SAFE MODE WITH NETWORKING seems to be the easiest. However in my case this did not work because when I tried this my PC reverted back to normal mode all the time. Nothing gained.
I see reports from others that have hardware skill where a hard drive or thumb drive was added to boot from, some anti-malware software and malware removal proceeded from there. This also did not work for me. I even tried installing my McAfee on the clean boot drive to see if it would detect and remove the FBI Scam from the infected drive now listed as drive D. It did not.
The method I used, and hope you might try, involved no hardware skill or starting in SAFE MODE.
I noticed there was a time lag of about 10 seconds from when my Windows desktop appeared until the FBI Scam screen appeared. I thought that the virus application was starting during this time period.
I rebooted my PC and as soon as my desktop appeared I pressed Ctrl, Alt and Del keys to get the Windows Windows Task Manager to appear. The Task Manager acted normally and immediately started showing the latest application that was starting up. I just randomly started clicking End Process within the Task Manager in an attempt to stop the virus from proceeding. Within about 5 reboots I got lucky and the FBI Scam did not start.
From this point I downloaded and ran a free trial version of Malwarebytes software. Malwarebytes found the malware and removed it. I have had no trouble since.
If you try this and it works please report back.