I am new in the forums so please forgive me if I'm in the wrong discussion area.
I got hit with the FBI MoneyPak virus which Mcafee didn't catch and have tried hard to remove it with limited results.
Here's where I'm at:
1. I disconnected from the internet and the blocking page disappeared.
2. I restarted in SafeMode and tried to locate the files in the Registry Editor.
3. LiveAdmin has a promising Uninstall Guide, but It wasn't clear enough to get me to the particular files.
4. I have Windows 7, if that is helpful and will happily provide any further info about my particular case in order to help others
down the road.
This is soooo frustrating and a waste of people's time and I would appreciate any help!
PS I noticed Hayton had begun to respond to this problem (thanks!), but I couldn't find the thread again.
Moved to Malware Discussion > Home User Assistance.
Your easiest way out of anything like this is to try to initiate System Restore. If it wont start in regular mode you can initiate it in Safe Mode reached by tapping F8 repeatedly while booting up.
Go to Start/All Programs/Accessories/System Tools or go to Start/Run and type rstrui.exe and click OK to any prompts or you can even simply click the Start button and type it in the search box, then click it when it appears in the box above.
Try to restore to a time before all this happened. If successful make sure to update everything that needs it, even parts of Windows you may not use such as Internet Explorer for example.
If that fails then try running Stinger from the last link in my signature below.
If that fails try Malwarebytes Free also linked there. Update it before running and not that it can be installed, updated and run all in Safe Mode with Networking if need be.
If that fails you may be able to find a solution using a Google Search for Uninstall FBI Moneypak but be very careful to only go to reliable sites, assuming you are using SiteAdvisor or WoT ot similar to guard your browsing, or try posting a Hijakcthis log on one of the forums I suggest in that link near the bottom.
Message was edited by: Ex_Brit on 14/07/12 6:02:24 EDT PM
This has been moved to Top Threats.
I'm not sure exactly what you've accomplished so far. This infection is relatively easy to clear, but it may have downloaded other malware - and you haven't said whether you have a problem with encrypted files.
See the following threads, which have removal advice. Try Microsoft first.
Edit - I see two replies arrived together. Try Ex_Brit's System Restore advice first.
Message was edited by: Hayton on 14/07/12 23:06:16 IST
I too got the fbi MP virus, system restore helped and my machine is back running but is that virus STILL in my machine and is further actions needed.
Doing system restore in safe mode done the trick.....
You need to temporarily disable System Restore to delete the infected restore point and that will be all that's needed hopefully.
You can access it by right-clicking 'Computer' (or 'My Computer' if XP) and selecting Properties, then go to the System Protection tab.
THX...See if i got this right... got the MP virsus 7-14. Im not sure which restore point i used but it worked. Looking at the restore points the last one before 7-14 was 7-11, not to b confused with the convience store... Is that it?
AND further... i have C Cleaner and i can go to the tool section and remove old restore points... Just happened that there was a new restore point today (it wont let you remove the latest)
If this is true then it will be an easy fix as i usually remove old restore points..
And to further elaborate, if there wasnt a restore fix made today i could always make one and that would allow you to remove even the latest?
It makes cents to me but I will wait for your or someone elses opinion...
You can't remove the last restore point because that was the one you just did.
I said temporarily disable System Restore in other words turn it off, Apply and OK any prompts. Then turn it back on again.
Please do not use CCleaner for that purpose.
Message was edited by: Ex_Brit on 15/07/12 11:42:39 EDT AM