
How did ESET smart security 7.0.302.26 allow FBI moneypac virus to infect my computer?


David241
Solved by Arakasi


My Google Chrome browser is locked by FBI moneypac virus. I did an in-depth scan and ESET smart security found nothing. Computer scan logs have 6 items for google chrome, 2 end with "error opening" and 4 end with "LOCK-error opening". Does anyone know how to remove FBI moneypac virus???

I have two other browsers I.E. 11 and Firefox 26 or I could not be communicating with anyone.


  • Administrators

Do you mean that only Chrome is affected and otherwise you can work with your machine? Does it happen only with the computer connected to the Internet or even when you disconnect it from network?


Hi Marcos,

Yes, only Chrome is affected. I had to change my default browser to Firefox. I have noticed no other problems with my computer. I cannot close Chrome when connected to the internet or not connected. The LOCKED browser basically says, the FBI has locked your browser, you have 48 hours to pay a fine or they will come after me. Fortunately I know the FBI does not take bribes. I have visited adult sites but have not seen anything illegal. My Chrome displayed URL is:

fbi.gov.id386324558-25XXXXX901.e327367.com

I replaced five numbers with XXXXX so no one will access a problem. I am pretty sure I can close Chrome using CCleaner, which will ask if I want it to close Chrome, then state Chrome is taking a long time to close, do you want to force it to close. I do not know if there will be any long term after effects from using CCleaner to do this.

Is not ESET supposed to prevent the FBI moneypac?


  • Solution

ESET is designed to detect and clean the moneypac virus that infects the entire system.

Not just the browser.

 

Try this and see if it helps:

Open Chrome and click Settings, then History.

Choose Clear browsing data.

Delete all your browsing history, download history, delete cookies and other site plugin data, delete all the cache, clear your saved passwords, clear autofill data, and hosted apps.

Then uninstall Chrome.

Proceed to https://www.google.com/intl/en/chrome/browser/

Download the latest release and install.

 

Check if your problem is fixed.

If it is... then run a complete Smart Scan with ESET after verifying you have the most up-to-date virus definitions database.

If it isn't... still run a complete scan and post back here with your results.


Hi Arakasi,

 With respect, I consider my browsers part of my computer. If ESET cannot protect ALL OF MY COMPUTER INCLUDING MY BROWSERS why should I pay for it?

After doing all the steps you describe (I am not pleased to lose my data) Chrome will still not close. My computer will not allow me to uninstall Chrome while it is open.

 

Again with respect.

Why do you think a complete smart scan will reveal anything after removing  and reinstalling Chrome? A complete smart scan currently states no threat found while my browser is infected. If it cannot find a problem now, why should it find a problem after I remove it?

 

Anyone interested I have Windows 8.1   64bit


Well David, to answer a few things for you.

Your browser is not your whole computer. It's only an application allowing you to browse websites. Having one corrupted is a small and very minimal problem. Just download and use a different one.

Chrome is a horrible browser to be using in the first place.

Clearing out your cache, cookies, and site passwords is not losing your data. Data loss would be pictures documents programs going missing.

If your Chrome doesn't close, then you have a memory issue or compatibility issue with your browser, or it's the malware.

A smart scan will also remove remnants of an infection had you cleared it out by deleting your cache.

 

Your response was a little defensive and on the presumption that I'm not trying to help you.

I am trying to help you. I am also trying to help you understand what's going on.

Currently the only known FBI moneypak virus in existence and the variants that follow, are shell based and they lock down your entire computer. Not just your browser.

The only moneypak virus that is browser only that I am aware of is the one for Apple Macintosh OSX.

 

Maybe you do have the real fbi moneypak virus, and it IS taking control of your entire computer.

Can you open other applications like Word or Open the start menu and browse programs ?

 

ESET currently detects and removes most variants of the FBI virus.

 

If you have an up-to-date database and you have run a full scan in safe mode, and ESET detected nothing, then you may have a NEW class or variant of the ransomware.

 

If that is the case, NO OTHER VENDOR will help you.

ESET catches more in-the-wild viruses and new and upcoming threats than any other company or vendor.

It would be best to give ESET the chance to assist you and examine your case specially.

They may want samples or a way of you submitting this to them for observation so they can add it to all future databases and owners of Nod32 or ESS etc.

 

Can you tell us what database version of the virus definitions you have, in the about section?

Are you able to create a Sysinspector Log for us?

How do I create a SysInspector log and submit it to ESET Customer Care for analysis?

 

If you can, Marcos may want it for troubleshooting, please wait for his response.

Edited by Arakasi

Arakasi,

  I do recognize that you are trying to help me. I am not the most experienced person with a computer. I am not upset with you but feel disappointed with ESET. I find its user interface confusing. I only have the trial version of Smart Security 7.

 I can access all programs on my start screen - maybe they are just apps?  I do not use word, only wordpad which is fine. I can access my control panel and all installed programs.

I did manage to close Chrome with CCleaner.

I have not used safe mode, I know what it is but have never used it. If you want to access the URL above I can give you the missing five numbers. Then you can see exactly what my browser was experiencing. To the best of my knowledge ESET is up to date, it has only been installed a little more than two weeks.

I understand this question is probably stupid, but in my scan logs I see 13 error opening statements for Firefox. Firefox is working fine, why are there error opening logs?

 My ESET version is 7.0.302.26


Thanks David,

Maybe I misinterpreted your statement, which was cordial. It's hard to tell with words alone and no sound :)

Yes the programs on your start screen are just apps.

Are you able to access the Desktop app just fine too?

Let's start with creating that SysInspector log. It will be very helpful to assist in repair.

ESET will likely want to see it. If it was posted or uploaded here I could assist as well.

Thanks for your patience.


Arakasi,

  You are most kind and I very much appreciate your input. I was engaged in an experiment using ESET Smart Security 7. An online friend recommended it so I installed it and uninstalled an AV program I have paid for, my paid AV program is valid for another 6 months.

 My desktop works fine

I am being assisted by MBAM support and have run a diagnostic program and submitted the results for review. I would like to continue with them as I am a paying customer with them.

 WHAT I WOULD MOST APPRECIATE FROM YOU IS A LINK TO A PDF DOCUMENT THAT EXPLAINS THE ESET SMART SECURITY 7 USER INTERFACE.

Understanding the user interface will be critical to my decision on purchasing this product.

Please note my old AV program claims to protect browsers with what they call "WEB SHIELD". I contacted their forum to ask that question.


Malwarebytes will also help you in cleaning the fbi virus as well.

ESET protects clients with web protection as well.

They have an anti exploit feature for browsers and http + https protocol scanning.

They just don't sugar-coat things and call it a web shield. They get right to the point. They scan the http protocol or "highway" for everything coming and going on your browser.

If you click on the gear icon from the main screen. In the list at right you will see Web access protection.

 

I would love for you to investigate further to make your decision with ESET. I promise you won't be disappointed and we will surely help you here with whatever troubles you are having.

As you requested here are your guides. Click them as they are direct links.

 

Quick Guide PDF

 

Full Guide PDF

Edited by Arakasi

Many thanks for the links to the guides. I am sure I use less than 10 percent of my computer's potential. My hard drive has a total of 448 GB of space and 409 GB is free. For the most part I surf the web, use my apps and use email. I am not sure I actually had the FBI virus. Chrome was locked; I did not find any other problem. I will let you know what MBAM finds, it may take a few days. Again thanks for the links.


You must understand that if you visit adult sites then your chances of getting infected with a virus dramatically increase, with or without security suites. No security suite will catch 100 percent of what is out there. ESET will probably catch 99 percent and you just got very unlucky with that remaining one percent chance. :(

 

Stick with the well known adult sites like Playboy to avoid the chance of this happening again.


Haha, that's funny Ryan.

Never had someone come right out and bring that up.

It is true that the fbi virus comes prominently from certain locations only.

I have seen it come from a few non-adult web locations as well though. :)

Edited by Arakasi

Hi Ryan & Arakasi,

  Let's say you have a new mountain bike, it is reported to be the best. Are you going to test it by riding on a smooth sidewalk or go for a ride in the woods?

I honestly expected ESET to do 1 of 2 things, either block access to a website based on poor reputation or announce THREAT DETECTED and block access.

HAVE BOTH OF YOU EVER KNOWN ESET TO DO EITHER OF THESE THINGS???   Even MBAM will occasionally block access and notify threat detected.

 

I knew what I was doing was not smart, I believed ESET would save me from any problem, I honestly wanted it to announce threat detected.

 

Also eporner.com is much better than playboy and just as safe.

Edited by David241

I could give you a list of sites ESET will block and say threat detected if that's what you are looking for.

I see it on a daily basis on my computer, I have ended up at a few sites that definitely get kicked back from ESET.

I use MBAM as well, but honestly... I get kicked from the bad sites from ESET before Malwarebytes has a chance to mumble or even squint at the site URL.

I think MBAM checks URLs against a database. ESET scans the http protocol directly.

Edited by Arakasi

Hi Arakasi,

   Glad to hear your response. No I do not need a list. I should apologize because I believe the suggestion you gave me on resetting Chrome was very effective. I AM SORRY I DID NOT THANK YOU BEFORE NOW.

   I do not understand your statement that Chrome is a poor browser to use. The big three browsers are Internet Explorer, Chrome and Firefox. Safari is used on Apple products.

   Which browser do you prefer and why?


So after clearing the cache and reinstalling, Chrome is working OK now?

That's great news!

 

I can say and list a few points that may help you understand my hesitation for Chrome.

 

1. I do believe that Chrome is a very fast browser. "Some say it's the fastest." However this also makes a big impact on the internet community, causing millions to flock towards it.

2. Due to the high population of users now switched to Chrome, virus writers and malware creators now have 1 single piece of software that they know everyone, or a high percentage, will be using.

        *This is what I would build a virus around. Target Chrome users, and easily you will have a nice spreading virus that you know is bound to infect some people and a higher population of the internet.

3. Google is profit driven, and their statement for a free and open-source browser was hog-wash. Full code was never released. This is a big impact on the open-source community; when we all work together, we can collectively benefit. That being said; my favorite browser is Mozilla's

Firefox focuses on the user, chrome focuses on google and the app.

4. Flexibility and customization is far superior in Firefox. Firefox has more addons.

5. HTML/CSS bugs in Chrome won't be found as much in Firefox. This makes developers work more to make their websites work properly on Chrome.

6. Google has become really big on holding people's information. So I stay away from their syncing and cloud servers etc.

7. Google and its decision not to fix password database.

        *See these two links about Chrome and its password store :

hxxp://blog.elliottkember.com/chromes-insane-password-security-strategy

ESET Article - hxxp://www.welivesecurity.com/2013/08/07/google-chrome-in-privacy-row-over-plain-text-passwords/

 

8. I clean viruses off computers every day for my private company. More than 50% of the computers have Chrome as the default instead of IE or Firefox. It's a vulnerable and high target app.

The viruses are usually found in or around Chrome files, or related etc.

Mozilla also has a 64bit variant of Firefox. It's called Waterfox. It's open sourced.

Waterfox - I find that the most stable so far for my computer system is version 18.1. I had troubles on 24.

 

Hope this clears up my reasoning for staying away from Chrome.

Also keep in mind, I have these 4 installed on my computer:
 

Waterfox version 18.1

Internet Explorer version 11

Opera version 12.5 (64bit platform)

Chrome version 31.0.1650.63

 

I prominently use Waterfox and Opera for my personal browsing.

I rarely open Chrome or use it at all.

I use IE for work related stuff like Citrix, remote support, heavy Java apps etc.

 

 

Edit: This was a good read too that I found while browsing around for other people's opinions:

hxxp://dawnoftheintegralage.com/2013/03/19/why-i-dont-use-chrome/

 

This quote from above link relates to my statement #6

" Their technology has one thing primarily in mind: mining your data for innovative ways to deliver ads to you. When you think Google, think advertising. "

Edited by Arakasi

Arakasi,

   I have been reading the ESET guides, the quick guide was easy. The full guide has worn me out after a few pages. I need some sleep it is 5:47 am in Western Pennsylvania. I will get back to you on your latest post and links, hopefully tomorrow. 


I honestly expected ESET to do 1 of 2 things, either block access to a website based on poor reputation or announce THREAT DETECTED and block access.

HAVE BOTH OF YOU EVER KNOWN ESET TO DO EITHER OF THESE THINGS???   Even MBAM will occasionally block access and notify threat detected.

Hello David and Merry Christmas.

 

I just want to add YES I have, ESET has a very very very good and effective web protection module. The chance is very high that the threat will be detected or blocked at the source, whether it is a malicious ad or script or something else you may encounter.  :)

Edited by SweX

Hi SweX,

   I am not sure the web protection module was active on the trial version I was using. Please forgive my ignorance I am just now learning how to use the user interface. It took me a very long time to figure out how to schedule an automatic scan.

   When I ran into trouble I probably had 8 tabs open, had closed another 10 tabs and was getting redirects with every click. I was waiting for ESET to do something. I was getting bounced from site to site and was not actually seeing much adult content.

  One thing I hate about FBI Moneypac is it preys on people who may be embarrassed or ashamed of visiting adult sites. I AM NOT EMBARRASSED OR ASHAMED.

 

I HAVE ANOTHER QUESTION - IF FBI MONEYPAC HAD LOCKED MY ENTIRE COMPUTER COULD I HAVE USED MY RECOVERY FLASH DRIVE TO RESET MY COMPUTER TO FACTORY CONDITION?????

 Sorry if this is a stupid question, I do not know any better or ignorance is bliss.



I HAVE ANOTHER QUESTION - IF FBI MONEYPAC HAD LOCKED MY ENTIRE COMPUTER COULD I HAVE USED MY RECOVERY FLASH DRIVE TO RESET MY COMPUTER TO FACTORY CONDITION?????

 Sorry if this is a stupid question, I do not know any better or ignorance is bliss.

 

Yes, it would then be erased.


Arakasi,

 

  I for the most part used Firefox as my browser for a very long time. I tried to remember why I started using Chrome. The answer I recall is they have slightly different extensions for video downloading. I found by accident that one will work on a site that the other will not work on. For example Firefox will download from youtube and Chrome will not. Rather than have two downloaders on one browser I would switch back and forth based on which extension worked on which site.

  I am not concerned with privacy because I assume I do not really have privacy. Also I am doing nothing illegal.  Did you hear about a site called "Silk Road"? People who believe they can buy drugs online using bitcoins and never get caught underestimate the United States Government.

  I have not yet completely checked the links on your last post. I have never heard of Opera before.

  Thanks for the answer to my recovery flash drive question. I am going to mark your suggestions about Chrome as solved. IT IS FAR AND AWAY THE BEST ANSWER TO MY ORIGINAL QUESTION. 

 

I have to go to a Christmas Party, I know you may not be a Christian and hope you are not offended by my wishing you a Merry Christmas and a Happy New Year.


This topic is now closed to further replies.