header



Welcome to the Micro Center Tech Support Blog!
Find free technical support on a variety of products featured at Micro Center and plenty of how-tos on new technology. Start searching our Blog below or search our Tech Center archives »

Can't find what your looking for? Take advantage of our Tech Support services »

Join the MC Tech Support Community Forum: Get direct advice from the Knowledge Experts @ Micro Center.
Click here to access the Forum »

Search This Blog

Thursday, June 20, 2013

Tech Tip: FBI Moneypak Virus Removal

Description: This technical article explains how to remove the FBI Moneypak Virus.

FBI Moneypak Virus

The Moneypak virus implements itself by filling your screen with an image similar to the one above. You will not be able to clear this screen and they will demand you send them an amount of money (usually $200) via Moneypak which is untraceable and unrecoverable. This is a SCAM and you should never send money to anyone requesting it in this manner. If you did follow the instructions they will take your money and then demand more. Your computer is effectively being held for ransom.

The FBI Moneypak virus is a common malware that we see on a daily basis. Removal of this virus is often quite simple. It is important to note that this removal works most of the time, but there have been cases where removal is not possible. In this case we would recommend taking your computer to one of our in store Knowledge Bars for assistance.

REMOVAL:
To remove the FBI virus screen blocking access to your operating system we are going to restore* your system to a restore point just before the infection occurred. If you are not sure when the infection occurred, err on the side of caution and choose an older restore point.

*If you have Windows 8, click here for how to perform a System Restore.

*If you have Windows 7 or Windows Vista, click here for how to perform a System Restore



Once your computer has been restored and you are able to access Windows. We recommend purchasing and installing Malwarebytes to remove any residual infections.

For more assistance contact Technical Support here.

Tuesday, June 11, 2013

Tech Tip: How to clean out the Windows Hosts file if malware has tampered with it

Viruses attack computers not just by posting pop-up ads for phony software. They also cripple the computer's basic functions so that the virus is difficult to get rid of. One of the chief objectives of viruses is to prevent internet browsers from going to web sites chosen by the user. There are several ways that viruses steer a browser away from its intended destination. Sometimes they install a Proxy Server into the web browser (See Part 3 in this series, "How to clear the Proxy Server setting"). At other times a virus will insert unwanted IP addresses into the network settings (See Part 4 in this series, "How to reset Static IP addresses to dynamic IP addresses"). A third way that viruses hijack internet connections is rarer, but it does happen. If previous attempts at solving the problem do not work, it is worth investigating a Windows feature called the Hosts file.

The WindowsHosts file serves to map user-friendly and familiar web site addresses (such as Google) to the actual IP addresses that are behind such names (such as 216.239.51.99). The Hosts file is sometimes used by network administrators for managing fixed networks. Unfortunately, it is also a target for viruses that want to hijack a computer's internet connectivity. Fortunately, however, if the Hosts file has been attacked and unwanted material written into it, the file can be manually cleaned.

The Hosts file is located deep in the Windows folder. It is not easy to find, but following these steps will help you locate it, inspect it and-if necessary-clean it up.

First, you need to open up the Windows text editor called Notepad. (For Windows Vista, 7 and 8, this needs to be launched with administrator privileges.) Depending on which version of Windows you have, this is done differently:

1) In Windows XP:

  • Click on the Start button
  • Click the Run button in the menu
  • Type notepad in the box, hit the Enter key

2) In Windows Vista:

  • Click on the Start button
  • Type notepad in the search box
  • Right-click the Notepad program in the list
  • Click Run as administrator in the drop-down menu
  • Click Yes to allow the program to make changes (if this option appears on the screen)

3) In Windows Vista:

  • Click on the Start button
  • Type notepad in the search box
  • Right-click the Notepad program in the list
  • Click Run as administrator in the drop-down menu
  • Click Yes to allow the program to make changes (if this option appears on the screen)

4) In Windows 8:

  • Open the Charms menu and click on the Search Charm
  • Type “notepad” in the Apps search window
  • Right-click the program Notepad that appears in the results in the upper left corner
  • In the taskbar that opens at the bottom of the screen, click Run as administrator
  • Click Yes to allow the program to make changes (if this option appears on the screen)

When notepad is opened up, you will see a new window for the Notepad text editor that looks like this:

notepad 

notepad

With the Notepad application open click on File in the menu bar, then click on Open in the drop-down menu (as indicated by the red arrow, above).

To locate the Hosts file, start with a double-click on the C drive in the left panel, then the Windows folder, the System32 folder, the drivers folder, and finally the etc folder. Once the etc folder is open, click on Text documents (*.txt) and drop down to the next option which is All files (*.*). If you are in the correct folder, you will see a list of 3 to 5 files in the window, as shown below. Now, double-click the Hosts file (circled) to open it up in the text editor.

All files

The example below is of an actual hijacked Hosts file. All the lines of text that are preceded by the # sign are legitimate (comments). All the others were inserted by a virus to steer users in various countries to the unintended IP address of 74.50.127.5 (the web site designed by the virus author) instead of Google.

hijacked host file

To remove the intruding instructions in the host file is simply a matter of deleting the lines that are not wanted. Using Notepad, move the cursor to the area (as highlighted, above) and delete those lines, leaving the original lines in the Hosts file.

A clean Hosts file will look something like this:
clean Hosts file

When finished editing, simply save the file, reboot the computer, and try to use your browser normally. Hopefully, the experience of being steered away from desired web sites will be gone, and you will be able to browse freely.

For more assistance contact Technical Support here.

Tuesday, June 4, 2013

Tech Tip: How to fix internet connection problems

Everyone who uses the internet experiences connection problems from time to time. The "Cannot display the web page" message in Internet Explorer, or the "Server not found" message in Firefox, or the "Ooops!" message in Google Chrome are familiar but unwanted sights. In each case, you're going nowhere on the web. Sometimes the connection problem is caused by hardware issues: a computer adapter malfunction, a modem or router that has finally burned out, or a broken wire or loose cable. Very often, however, there are software issues that cause the connection problem. Many of these issues can be addressed with just a little bit of technical know-how. This series of how-tos is designed to help you try some of the most common software fixes for internet connection problems. The series includes:
  1. How to find a Wireless Access Point before launching a browser
  2. How to make sure your network adapter is working and has a software driver
  3. How to clear the Proxy Server setting in Internet Explorer
  4. How to reset static IP addresses to dynamic IP addresses
  5. How to clean out the Windows Hosts file if malware has tampered with it
For more assistance contact Technical Support here.