Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Does any A-V stop the FBI/MoneyPak malwar?

Status
Not open for further replies.
Oct 7, 2007
6,597
US
Had a customer ask me this question yesterday after she has gotten this thing TWICE (once on one computer and twice on another!!!). She's running Microsoft Security Essentials, so I KNOW that doesn't prevent it.

I also know it's probably their browsing behavior (porn? file sharing?) that is getting them in trouble, but I can't sit over their shoulder saying "don't click on that".

It seems from an internet search that a lot of different A-V owners are asking this same question. Maybe the malware keeps morphing enough to stay elusive?

 
Don't be too hard on your client, I caught it on a machine used soley by me and never used to search dodgy sites.
I have another computer for that :)

If I knew where I had got it from I would confirm it and then inform the relevant authorities.

Keith
 
I recently saw an article that put MS Security Essentials at the bottom of their list for preventing infections. I'll see if i can find it and post a link.

James P. Cottingham
I'm number 1,229!
I'm number 1,229!
 
It has morphed and is now more difficult to remove than the original version. But you also might want to look at other possible root causes - particularly running outdated software applications with known security holes, file sharing apps, etc.
 
But it's free - it has to be good. I use it myself, but I'm not visiting any funky sites (free stuff, porn stuff, download stuff, etc.) The other reason is that unlike other free products, it doesn't nag you to buy a full version.

Some good comparison tests below, but I'm just trying to see if anyone's AV actually stops the MoneyPak. Looks like BitDefender is near the top in both of these.


 
I have gotten it on two workstations in the sheriff's office dispatch center, and one in the sheriff's squad room. All have mcafee the expensive version, and we have an iBoss so there's no porn, etc.

Thanks,
Dave.
 
I have a customer that has gotten it on two different computers a total of 4 times in the last two months. I don't know what to tell them except to "don't do anything" on the internet. Not real practical advice.
 
Have 4 client networks with approx 20 users, no viruses have gotten in for years...
The best protection I have used is Symantec Endpoint (corp small business edition) setup as managed clients, along with OpenDns. The Symantec console has policies which lock users and software from making changes to the AV, unless you have an Admin password, you can not disable, tamper with settings or uninstall.
I have all wks go to a forwarder for DNS, that machine is the only machine allowed to go to specific trusted DNS servers via a DNS rule on the firewall, the wks are not allowed port 53 access. Non-forwarder equiped, again I just just use DNS port restriction to specific DNS servers.
I have some smaller network with an older Symantec Corp edition/other brands, and viruses have occational gotten though... like you I have a few users who will click on any button ... even if was labeled as Nuclear Launch, World Annihilator.
You have to wonder, who is the bigger threat, the virus or the user; I do so enjoy the moaning as I restrict access via OpenDNS.


........................................
Chernobyl disaster..a must see pictorial
 
That's fine but I'm talking about home users and "normal" levels of protection - i.e. an anti-virus product and probably the windows firewall.
 
I had a friend that had it on windows 7 and I installed spybot search and destroy ( It not only removed the virus but it has an automatic scanner that checks everything coming in and block it from reinfecting. It also will maintain it's own updates and the kicker is it is free for home use. I have used it for years and it does a great job.

Bill
Lead Application Developer
New York State, USA
 
That's interesting about Spybot S&D. I've also used it for years. Though for a while there, it got kind of behind, and didn't do much of anaything worth using it for, best I could tell. Also, it seemed to slow down PCs I installed it on. I've had greater success of late with it - past 6 months, I suppose, although I have seen where it would still slow down PCs on occasion. Overall, it's definitely worth keeping around as a back-up scanner.

"But thanks be to God, which giveth us the victory through our Lord Jesus Christ." 1 Corinthians 15:57
 
I gave up on Spybot about four years ago because it was slow and relatively ineffective, but I could take a look at it again. Technically though it's NOT an anti-virus program that would PROTECT you from getting MoneyPak in the first place which was what I was asking.
 
My grandson picked up FBI last night on his Win-7 laptop. It has MS Security Esentials, which let it on but then immediately tried to take it back off which it couldn't. I finally had to manually remove the FBI. That is quite the program, seems like a waste though to have that kind of talent and not use it for something a bit more constructive.

Dave.
 
Yes, I have seen quite a few times that M.S.E. cannot prevent this malware. Seeing as though it's free and doesn't nag you to upgrade to a paid version, I like it better for customers. However, they will get mad at me if they get this malware three times in six months.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top