cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 51 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Never keep 2 antivirus applications together on the same machine as they can clash and actually admit malware as a result.   One + something like Malwarebytes Free or SuperAntispyware or similar is fine as those don't have the real-time antivirus component.

See the last link in my signature for a few suggestions.

The first weapon when something untoward strikes is a) don't click anything at all, b) power off completely, c) reboot into Safe Mode and initiate System Restore to before it all happened.

If successful turn System Restore off and back on again to delete the infected restore point and don't forget that everything may need updating afterwards.    That is an invaluable escape machanism.

Highlighted

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

I used CtrlAltDel to try to access the task manager and shut FBI Scam Screen down but instead the FBI Scam screen came back.  I did CtrlAltDel again and logged off.  That worked and I logged on as a guest.  I was able to run system restore by providing my admin password.   Once restored the scam was gone. 

You said "If successful turn System Restore off and back on again to delete the infected restore point and don't forget that everything may need updating afterwards."  Not clear what happens when you turn system restore off and on.  Why does it remove latest restore points?

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 53 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

By temporarily turning it off it will delete the infected restore point, along with all the others of course, but at least the machine will be rid of it.  Then turn it back on to start creating normal restore points once again.

makira
Level 7
Report Inappropriate Content
Message 54 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

i am suffering with trojan virus. my pc is not working normally. some time it is open many aplications automatically. how i removw this virus.

vinoo
Level 13
Report Inappropriate Content
Message 55 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Here are the steps i got from tech support to manually deal with this.

  • If infection is active – reboot computer to Safe Mode with CommandPrompt.
  • In Command Prompt Window type explorer.exe
  • Locate the infected file and rename the malware file
    • Infected file location is usually %Temp% or %Appdata%
  • Use GetSusp/Autoruns if you're having trouble locating the infected file.
  • Reboot the computer to Normal Mode.
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 56 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

makira wrote:

i am suffering with trojan virus. my pc is not working normally. some time it is open many aplications automatically. how i removw this virus.

The first thing to do when one of these hits is DO NOT CLICK ANYTHING not even the 'X' to dismiss any popups.  Power down immediately, reboot into Safe Mode by tapping F8 repeatedly while booting up.

From there intitiate System Restore to before all this started.

Otherwise, there is an excellent removal guide here:  http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware

Or simply read through this entire thread for multiple choices for dealing with this.

Message was edited by: Ex_Brit on 19/10/12 7:09:18 EDT AM

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Johnnery

I took the hard drive out and put it in a case with USB connector and plugged it into another compiuter.  I ran Malware, Superanti Spyware, Kapersky and McAfee.  It got rid of the malware I think because the second time I ran all the above it did not find anything.  When I put it back into the computer I ran all that again and it found some more stuff. 

At least I got to safe mode and regular mode.  Before that no matter what I did I could not get to a screen where I could do anything.  I did notice the hang time that you were talking about.  If it happens again I will try that. 

This morning the virus checkers ran again ad they are still finding stuff but nothing that has interfered with starting the system.  It has to be hiding really well.

Thanks for the suggestions.

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Hi i am brand new and i had the fbi money pak scam happen to me I deleted the user but am still getting virus messages Iam completewly lost and have no idea if since i bought my macafee tonight if it took all the registry and trojans when I ran it / It said one of my reg files was replaced by malware how can i know if its off my puter/?????

Any help would be appreciated

Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 59 of 73

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

first I would restore back to a point before you gopt it. Do this in safe mode as mentioned above post 44.

That and

McAfee Communities: Anti-Spyware, Malware & Hijacker Tools

as well as the other sites mentioned here is a good 1st point of attack

Re: FBI MoneyPak Scam - Removing Virus

Jump to solution

Hi Southernly,

Of all the methods of removing the FBI MoneyPak Scam malware, starting the infected PC in SAFE MODE WITH NETWORKING seems to be the easiest.  However in my case this did not work because when I tried this my PC reverted back to normal mode all the time.  Nothing gained.

I see reports from others that have hardware skill where a hard drive or thumb drive was added to boot from, some anti-malware software and malware removal proceeded from there.  This also did not work for me.  I even tried installing my McAfee on the clean boot drive to see if it would detect and remove the FBI Scam from the infected drive now listed as drive D.  It did not.

The method I used, and hope you might try, involved no hardware skill or starting in SAFE MODE.

I noticed there was a time lag of about 10 seconds from when my Windows desktop appeared until the FBI Scam screen appeared.  I thought that the virus application was starting during this time period.

I rebooted my PC and as soon as my desktop appeared I pressed Ctrl, Alt and Del keys to get the Windows Windows Task Manager to appear.  The Task Manager acted normally and immediately started showing the latest application that was starting up.  I just randomly started clicking End Process within the Task Manager in an attempt to stop the virus from proceeding.  Within about 5 reboots I got lucky and the FBI Scam did not start.

From this point I downloaded and ran a free trial version of Malwarebytes software.  Malwarebytes found the malware and removed it.  I have had no trouble since.

If you try this and it works please report back.

Good luck

John

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community