Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How to get rid of MoneyPak ransomware infection

02 Jul 2012   #1
lko

Windows 7 Home Premium 64 bit
 
 
How to get rid of MoneyPak ransomware infection

My husband's user account has been taken over by the FBI-MoneyPak virus and is currently unusable. The other two accounts on the computer are password-protected (his isn't) and seem OK for now. I ran Windows Security Essentials and Malwarebytes scans from my account and they detected nothing. How can I get rid of this thing?


My System SpecsSystem Spec
.

02 Jul 2012   #2

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

Hi Iko,

Please follow the instructions in this tutorial:

Windows Defender Offline

Regards,
Golden
My System SpecsSystem Spec
03 Jul 2012   #3
lko

Windows 7 Home Premium 64 bit
 
 

Thanks, Golden. I also received a suggestion from my IT staff at work to try HitMan Pro. It seems like one of these should do the trick.
My System SpecsSystem Spec
.


03 Jul 2012   #4

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

No worries - let us know if you need more help.

Regards,
Golden
My System SpecsSystem Spec
04 Jul 2012   #5

Windows 7 Home Premiumx64
 
 

Hi.

Newbie here, I was infected with the Money Pak ransomware and using Hitman Pro, Malware Bytes, and other stuff I can't remember, I got rid of it EXCEPT when I logon I get a .dll error that it can't find C:\users\Mark\AppData\Local\Temp\0_0u_I.exe I have run Emsisoft, Malware Bytes, CCleaner and SUPERAntivirus but can't get rid of it. Any ideas?

I appreciate any ideas....I did Google "manual removal" and it references HKEY registry files but I cannot locate them in my registry? Thanks so much!

Mark
My System SpecsSystem Spec
06 Jul 2012   #6

Windows 7 x64
 
 
FBI moneypak ransom

Hi,

I'm new here as well and currently struggling with the remnants of this virus.

Usedtobegood, the key is located in:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

See this image:



Credits: Remove FBI MoneyPak Ransomware (Uninstall Guide)

Mine as gr5_qor_78.exe or something like that. The virus is gone now but my PC is slow as hell. Web browser crashes like five minutes or so. Could you guys tell me how to fix those errors and make my precious PC run faster again?

Any advice is much appreciated.

Simon
My System SpecsSystem Spec
06 Jul 2012   #7

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

@Usedtobegood - Follow Goldens excellent advice in post #2

@Black7 - have a look at this link & try running SFC, the virus may have damaged some of your files.

SFC /SCANNOW Command - System File Checker

Be sure to run it 3X as SFC doesn't always get everything the first/second time around

You may have to do a repair install.....

Repair Install

And...there's always a chance you still have something on your system. Viruses are known for introducing other viruses.
My System SpecsSystem Spec
09 Jul 2012   #8

Windows 7 Home Premiumx64
 
 

@Black 7 I do not have a file similar to the one you show above.

I will try Goldens recommendations and report back.


Thanks!


Attached Thumbnails
How to get rid of MoneyPak ransomware infection-registry.png  
My System SpecsSystem Spec
10 Jul 2012   #9

Microsoft Windows 7 Home Premium 32-bit
 
 

i got this virus myself what i did to stop the pop up of the fake fbi warning was deleted
C:\Users\bigdog2626\AppData\Local\Temp\glom0_og.exe
then removed a file from the startup folder called ctfmon.lnk
now im doing some scanning
i couldn't locate anything in my reg
My System SpecsSystem Spec
Reply

 How to get rid of MoneyPak ransomware infection




Thread Tools



Similar help and support threads for2: How to get rid of MoneyPak ransomware infection
Thread Forum
FBI Ransomware System Security
Ransomware infection using Windows 7 Rundll32? System Security
Question about FBI MoneyPak System Security
Ransomware resurrects the SOPA specter Security News
help needed ransomware System Security
Trend Micro discovers new ransomware System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:34 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33