Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with removing fbi green dot moneypak virus windows xp pro desktop dell 4500


  • This topic is locked This topic is locked
7 replies to this topic

#1 Eric85z

Eric85z

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:11 PM

Posted 06 May 2013 - 07:42 PM

Hi everyone im trying to save my uncle a few bucks and clear his cpu of this nasty virus the fbi greendot moneypak virus he got infected two days ago so far I have tried hit man pro from a flash drive no go right know im running malewarebytes pro on his system the virus dictionary is out of date I cant secure a net connection to update it I think it said the virus database was last updated in 2012.
 
 
 
what I have to clean his system is a clean cpu to work with to load tools on flash drive ,and a single cd-r
 
 
the infected cpu is a desktop dell dimension 4500 running windows xp professional desktop cpu
I can only get to the desktop using safe mode with command prompt not with networking.
 
 
can someone assist  me please I will be monitoring this thread closely feel free to email me or sms me
 
*Moderator Edit: Moved topic from  to the more appropriate forum. Also removed email address and AIM id. All help is given in the forum to avoid conflicts if receiving help from multiple sources. Keeping it public ensures you that you are receiving knowledgable help. ~ Queen-Evie*

Edited by Queen-Evie, 06 May 2013 - 09:59 PM.


BC AdBot (Login to Remove)

 


#2 JHMcG

JHMcG

  • Members
  • 242 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 06 May 2013 - 07:58 PM

You could try taking the HDD out of his machine and installing it in yours as a slave drive, then run your antivirus program on it.



#3 Eric85z

Eric85z
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:11 PM

Posted 06 May 2013 - 08:32 PM

yea but what anti virus will work the geek squad told no av will work is that true? that's an option if I had sure fire fix



#4 JHMcG

JHMcG

  • Members
  • 242 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 06 May 2013 - 08:47 PM

Well at least if you did it that way you could update Malwarebytes. And besides that, most viruses wind up on "C" drive, and they are designed to prevent it from running properly, i.e. you can't go online, your antivirus program doesn't work properly, etc. So if you install the drive as a slave in another machine with an uninfected "C" drive, then your "C" drive works properly and you can cleanup the infected drive. I have done that for friends with my machine.


Edited by JHMcG, 06 May 2013 - 09:27 PM.


#5 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:12:11 AM

Posted 06 May 2013 - 10:02 PM

You can also wait for someone to help with the removal process. I will let them know about your issue.

#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:11 AM

Posted 07 May 2013 - 08:26 AM

Hi Eric85z,
 
Since you are unable to get to the desktop using safemode with networking, try the following instructions (the tool should be updated to run on Windows XP) to post a log that we can work with. I am also moving this topic to the Malware Removal Logs forum where it will stay:

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.

Now boot the infected computer into safemode with Command Prompt.

Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make two logs on it's first run (FRST.txt, and Attach.txt) on the flash drive. Please copy and paste them to your next reply.
==========

Let me know how you make out!

bloopie

Edited by bloopie, 07 May 2013 - 12:29 PM.
Fixed instructions


#7 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:11 AM

Posted 09 May 2013 - 06:29 PM

Hello again,

 

Do you still need assistance with this issue? If so, please follow the instructions in my previous post!

 

bloopie



#8 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:11 AM

Posted 13 May 2013 - 05:30 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users