Moneypak virus, can't even open in Safe Mode

Discussion in 'Malware Help (A Specialist Will Reply)' started by B.R.Judge, Apr 12, 2013.

  1. B.R.Judge

    B.R.Judge Private E-2

    I have had this blasted virus before and have been able to kill it in Safe Mode but this one won't even allow me to go into Safe Mode. It will start opeing Safe but then logs out automatically. I am running Windows 7 64bit.

    I did a bit of reading on this forum and saw a few things about running Farbar which I have but it didn't seem to do anything. Any help would be greatly appreciated as this is my work computer and I can't go long without being able to use it.

    Here is the FRST file Farbar generated.
     

    Attached Files:

    B.R.Judge, Apr 12, 2013
    #1
  2. B.R.Judge

    B.R.Judge Private E-2

    It looks like I was able to resolve this one on my own (with an additional couple of hours of research). I was able to get to a command prompt and just run Malawarebytes from there to resolve to biggest problem then being able to log onto my system regularly I ran all the ancillary programs to make sure any leftover pieces were fixed or removed.
     
    B.R.Judge, Apr 12, 2013
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Sorry we could not get to you sooner. Been very busy here. But glad to hear you are back in service.

    Did you remove all of the below? You had a ZeroAccess infection too:


    HKU\B.R. Judge\...\Winlogon: [Shell] explorer.exe,C:\Users\B.R. Judge\AppData\Roaming\skype.dat [66048 2012-04-02] ()
    2013-04-12 11:39 - 2013-04-12 13:34 - 00000004 ____A C:\Users\B.R. Judge\Application Data\skype.ini
    2013-04-12 11:39 - 2013-04-12 13:34 - 00000004 ____A C:\Users\B.R. Judge\AppData\Roaming\skype.ini

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-21-3686333111-3145748002-1992092390-1001\$e209545bb21ccd4253023b2c6e164685
    C:\$Recycle.Bin\S-1-5-21-3686333111-3145748002-1992092390-1001\$e209545bb21ccd4253023b2c6e164685\L
    C:\$Recycle.Bin\S-1-5-21-3686333111-3145748002-1992092390-1001\$e209545bb21ccd4253023b2c6e164685\U
     
    chaslang, Apr 15, 2013
    #3
  4. B.R.Judge

    B.R.Judge Private E-2

    To be honest I'm quite unsure. I ran all the programs you guys had listed on that general page about getting rid of malware and the like but can't say for sure. I'll run Farbar again and check the new FRST file.

    If it is still there what would you suggest for me to get rid of the ZeroAccess infection?
     
    B.R.Judge, Apr 16, 2013
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Apr 18, 2013
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds