FBI Moneypak

Discussion in 'Malware Help (A Specialist Will Reply)' started by TomL2829, May 18, 2013.

  1. TomL2829

    TomL2829 Private E-2

    Greetings. I am trying to remove FBI Moneypak from a friend's PC: Win XP, 32 bit. I pulled the HDD and installed in another PC and ran MBAM on it, full scan, but it found no threats. I created a bootable flash drive with Hitman pro, but this PC is 10 yrs old and won't boot from USB. I was able to run FSRT; log file is attached. Thanks in advance for any help. -T
     

    Attached Files:

    TomL2829, May 18, 2013
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I assume this log is from after putting the harddisk back into the original computer?? You did not say that you put it back.

    What are the below files and why are they save in two locations?
    Code:
    2013-05-18 17:18 - 2007-06-21 21:30 - 00240536 ____A C:\Documents and Settings\backdoor\My Documents\k9-webprotection.exe
2013-05-18 17:18 - 2005-10-24 00:01 - 02658481 ____A (Tenmiles Corporation) C:\Documents and Settings\backdoor\My Documents\CleanScreenSetup.exe
 
2013-04-19 10:20 - 2007-06-21 21:30 - 00240536 ____A C:\Documents and Settings\Administrator.RICKNMARGIE\My Documents\k9-webprotection.exe
2013-04-19 10:20 - 2005-10-24 00:01 - 02658481 ____A (Tenmiles Corporation) C:\Documents and Settings\Administrator.RICKNMARGIE\My Documents\CleanScreenSetup.exe

    Download this >> View attachment fixlist.txt



    Save fixlist.txt to your flash drive.
    • You should now have both fixlist.txt and FRST.exe on your flash drive.
    Now Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt).
    Please attach this to your next message. (See how to attach)

    Now see if you can boot into normal Windows?

    If you can then I recommend that you run the below because there were more problems than just FBI Moneypak.


    READ & RUN ME FIRST. Malware Removal Guide
     
    chaslang, May 19, 2013
    #2
  3. TomL2829

    TomL2829 Private E-2

    Thanks very much for the reply. I did manage to remove Moneypak, but found it has the ZeroAccess rootkit. I'm seriously considering reinstalling Win. If not, I will follow the Guide. Thanks again.
     
    TomL2829, May 19, 2013
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.
    Yes and that is part of what my fix would correct and also the reason I said run our cleaning procedure. We have remove thousands of these infections.
     
    chaslang, May 19, 2013
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds