Hello everyone,
The FBI MoneyPak virus is still going strong and continues to wreak havoc whenever it can. In a previous post I told you how I removed this nasty virus, but I must tell you that the virus has many variants and has morphed greatly since it first appeared.
So, I got a call the other day from a frantic client who was extremely nervous about going to jail. He told me that the FBI had confiscated his computer and was demanding that he pay $200.00 or else face going to the “slammer” for four to twelve years.
I went over to the client's house, turned on his machine, and sure enough the FBI screen popped up and audibly told me over and over again of the illegal activity, and that arrest was 72 hours away if I didn’t “pay up”. I knew that this was going to be a “tough one”, so I took the client's computer to my shop and here is what I found and what I did:
1) I turned on the machine and started tapping the F8 key in order to boot the machine into Safe Mode. This did not work! The virus had rendered Safe Mode unusable! But I wasn’t too worried because I had some other tricks up my sleeve.
2) I got out my trusty Kaspersky Rescue Disk, popped it into the CD drive and attempted to boot up the machine from the CD drive. This did not work! The FBI virus would not allow the Kaspersky Disk to fully load! I wasn’t too worried though because I had some other tricks up my sleeve!
3) I got out my trusty Trinity Rescue Kit CD, popped it into the CD drive and attempted to boot up the machine from the CD drive. This did not work! The FBI virus would not allow the Trinity bootable CD to fully load! Now I was starting to get excited because things were getting interesting! It was me against the virus and I relished the challenge. As a true computer repair tech, I dug in deeper and thought “bring it on” you miserable piece of “crap” virus!
4) I knew that I had to access the infected machine's hard drive somehow, so I attempted to boot the machine with Hiren’s BootCD. This did work! Hiren’s booted up and at the Hiren’s boot options screen I chose Mini Windows XP.
5) Once the Mini Windows XP OS screen appeared, I clicked on the HBCD Menu in order to access a list of all the Hiren’s repair tools. From the selection of Antivirus tools, I ran a scan with GMER and Avira AntiVir Personal (I updated these before scanning – internet connection was up and running).
6) After running these two scans, I was able to reboot the machine into Safe Mode. Once the computer had booted into Safe Mode I did a System Restore to a date before the computer had become infected (I chose two weeks earlier).
7) After the System Restore had finished running, the machine booted into Normal Mode and I completed the clean up by running HitmanPro, ESET Online Scanner, and Comodo Cleaning Essentials.
8) Bye, bye, FBI!!
Professor Randy says: I wish there was some easier way to remove this insidious nuisance but different variants are becoming a bit harder to remove as time progresses. In my next post I’ll tell you of yet another way that you can thoroughly remove this plague from your system.
12:52 pm on February 19th, 2013 1
“Perseverance furthers.”
That’s a quote from an ancient Asian book of wisdom.
Along that line, why do you suppose your first two attempts to use a boot CD failed but the third was successful? Did the Hiren’s CD contain a non-Windows OS while the other two relied on some file on the infected hard drive? Curious, no?
4:07 pm on February 19th, 2013 2
Thanks for the comment aj,
Actually both the Trinity and the Kaspersky CDs booted, but they would not fully load. Both stopped during the “OK” sequences and never got to their actual menu. I’ll reword it in the original post.
I just got a call from another client with the FBI virus so I’ll try things again and post the results as soon as I have them.
Best wishes,
Randy Knowles