Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How to get rid of MoneyPak ransomware infection

02 Jul 2012   #1
lko

Windows 7 Home Premium 64 bit
 
 
How to get rid of MoneyPak ransomware infection

My husband's user account has been taken over by the FBI-MoneyPak virus and is currently unusable. The other two accounts on the computer are password-protected (his isn't) and seem OK for now. I ran Windows Security Essentials and Malwarebytes scans from my account and they detected nothing. How can I get rid of this thing?


My System SpecsSystem Spec
.
02 Jul 2012   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi Iko,

Please follow the instructions in this tutorial:

Windows Defender Offline

Regards,
Golden
My System SpecsSystem Spec
03 Jul 2012   #3
lko

Windows 7 Home Premium 64 bit
 
 

Thanks, Golden. I also received a suggestion from my IT staff at work to try HitMan Pro. It seems like one of these should do the trick.
My System SpecsSystem Spec
.

03 Jul 2012   #4
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

No worries - let us know if you need more help.

Regards,
Golden
My System SpecsSystem Spec
04 Jul 2012   #5
Usedtobegood

Windows 7 Home Premiumx64
 
 

Hi.

Newbie here, I was infected with the Money Pak ransomware and using Hitman Pro, Malware Bytes, and other stuff I can't remember, I got rid of it EXCEPT when I logon I get a .dll error that it can't find C:\users\Mark\AppData\Local\Temp\0_0u_I.exe I have run Emsisoft, Malware Bytes, CCleaner and SUPERAntivirus but can't get rid of it. Any ideas?

I appreciate any ideas....I did Google "manual removal" and it references HKEY registry files but I cannot locate them in my registry? Thanks so much!

Mark
My System SpecsSystem Spec
06 Jul 2012   #6
black7

Windows 7 x64
 
 
FBI moneypak ransom

Hi,

I'm new here as well and currently struggling with the remnants of this virus.

Usedtobegood, the key is located in:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

See this image:



Credits: Remove FBI MoneyPak Ransomware (Uninstall Guide)

Mine as gr5_qor_78.exe or something like that. The virus is gone now but my PC is slow as hell. Web browser crashes like five minutes or so. Could you guys tell me how to fix those errors and make my precious PC run faster again?

Any advice is much appreciated.

Simon
My System SpecsSystem Spec
06 Jul 2012   #7
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

@Usedtobegood - Follow Goldens excellent advice in post #2

@Black7 - have a look at this link & try running SFC, the virus may have damaged some of your files.

SFC /SCANNOW Command - System File Checker

Be sure to run it 3X as SFC doesn't always get everything the first/second time around

You may have to do a repair install.....

Repair Install

And...there's always a chance you still have something on your system. Viruses are known for introducing other viruses.
My System SpecsSystem Spec
09 Jul 2012   #8
Usedtobegood

Windows 7 Home Premiumx64
 
 

@Black 7 I do not have a file similar to the one you show above.

I will try Goldens recommendations and report back.


Thanks!


Attached Thumbnails
-registry.png  
My System SpecsSystem Spec
10 Jul 2012   #9
bigdog2626

Microsoft Windows 7 Home Premium 32-bit
 
 

i got this virus myself what i did to stop the pop up of the fake fbi warning was deleted
C:\Users\bigdog2626\AppData\Local\Temp\glom0_og.exe
then removed a file from the startup folder called ctfmon.lnk
now im doing some scanning
i couldn't locate anything in my reg
My System SpecsSystem Spec
Reply

 How to get rid of MoneyPak ransomware infection




Thread Tools




Similar help and support threads
Thread Forum
FBI Ransomware
I had the Fbi ransomware a couple of days ago but I did a system restore and ran malwarebytes and it found 1 file so I thought it fixed the problem but today It came back so I did the same thing but I believe its still on my pc somewhere, please help me kill it.
System Security
Ransomware infection using Windows 7 Rundll32?
Yesterday, through unwise browsing, my computer (a Dell Inspiron 580 desktop running Windows 7 Pro 64-bit SP1) got infected with a ransomware Trojan demanding, in the name of the FBI, that I send $300, etc., etc. This is the type of malware that completely takes control of your system and shows you...
System Security
Question about FBI MoneyPak
Hi, I've been reading so much about the FBI MoneyPak virus contaminating computers. You would think that with all the techs out there someone could find a way to block it. Can anyone explain why this malware is so hard to block from entering a computer.
System Security
help needed ransomware
Firstly hi all.A few nights ago I was stung with the met police operating system locked,screen it looked a it iffy but I still panicked,with being quite a newbie with pc's,not knowing at the time, what it was my first reaction was to do a full,system recovery back to factory settings,it was lucky...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:52.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App