Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Question about FBI MoneyPak


03 Feb 2013   #1

windows 7
 
 
Question about FBI MoneyPak

Hi,
I've been reading so much about the FBI MoneyPak virus contaminating computers. You would think that with all the techs out there someone could find a way to block it. Can anyone explain why this malware is so hard to block from entering a computer.

My System SpecsSystem Spec
.

03 Feb 2013   #2

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit
 
 

Hello Norby and welcome to Seven Forums.

The FBI MonkeyPak Ransomware is a computer infection that locks you out of your computer and your applications until you pay a ransom of $100 in the form of a MoneyPak. This infection is typically installed onto a computer when the user visits a hacked web site that contains malicious scripts that exploit vulnerabilities on the computer to install the FBI Ransomware without their knowledge or permission. It is for these reasons that it is imperative that all computer users make sure their installed programs, including Windows, are up-to-date with the latest patches.

Remove the FBI MoneyPak Ransomware or the Reveton Trojan

So the biggest problem is when people fail to install the latest patches, hotfixes, etc on all their installed programs, not just Windows. No anti-malware program is going to be 100% effective 100% of the time (if there was such a thing we'd all be using it.) If someone is running an outdated Java, Adobe Flash, Adobe or Foxit Reader, etc they are contributing to their own infection. By the time an anti-malware program might detect that the user has accessed a hacked web site containing the malicious scripts, the damage has already been done.
My System SpecsSystem Spec
03 Feb 2013   #3

Windows 7 Pro. 64/SP-1
 
 

Here is another little possibility. Using Torrents. When downloading using such programs the things you download come in little pieces for different computers all over the world. The infection comes in little pieces (without a complete signature) and sneaks by the security. Once in the system it is put back together and presto your infected.
The infection looks like this to a security program
xoxoxox and when a security programs sees that it stops it. When it is sent xo and from another computer is sent xo ect. the security program lets the xo in your system where the get put back together as xoxoxol and presto you are infected. Also many users of Torrents set their computer for smooth downloading and bypass their firewall and security programs and many don't even know they have done so. Many people don't do the basics and expect their security programs to do everything.
They open what ever email they receive. They don't scan programs when downloaded, they just install them. The list goes on and on. Here is a Microsoft site to get started on learning about being more secure.
Their are many this is just one.
Resources | Microsoft Safety & Security Center
My System SpecsSystem Spec
.


03 Feb 2013   #4

Windows 7 Home Premium
 
 

A "Drive-by" through a website where malware is planted is a way of getting infected. The download happens without a person's knowledge...
My System SpecsSystem Spec
04 Feb 2013   #5

Windows 7 64 / Windows 8 64
 
 

There is another issue.
Although all FBI Moneypak shares about the same text and design, it is completely different parasites in many cases.
There are like 10 families of it, where several are more dominant. So, there is lots of work to detect such parasites in time.
My System SpecsSystem Spec
12 May 2013   #6

Wondows 7
 
 

P'O'd I just got this virus last night.
FWIW they are now asking for $300.00 and it disables the safe mode option.
I am uncertain if I will be able to even get a command prompt, and don't really have the "voodoo" to use commands. I may just replace the OS completely by putting a New Drive in and reinstalling the OS from a restore drive.
If I'm not command prompt savy what are my other options?
My System SpecsSystem Spec
12 May 2013   #7

Microsoft Community Contributor Award Recipient

Vista x64 / 7 X64
 
 

Might be a good idea to use Firefox with NoScript add on in future.

A bootable antimalware of some kind may be the answer.

There are several available for free download:
My System SpecsSystem Spec
12 May 2013   #8

Microsoft Community Contributor Award Recipient

Vista x64 / 7 X64
 
 

My System SpecsSystem Spec
12 May 2013   #9

Wondows 7
 
 

I found this
"Processes
%WINDIR%\system32\0_0u_l.exe
%APPDATA%\jork_0_typ_col.exe
%TEMP%\0_0u_l.exe
%Temp%\[RANDOM].exe
tpl_0_c.exe
%StartupFolder%\ch810.exe
DLLs
%StartupFolder%\wpbt0.dll
Other Files
%StartupFolder%\ctfmon.lnk
WARNING.txt
V.class
Registry Keys
%AppData%\vsdsrv32.exe
cconf.txt.enc"

but am uncertain if I know how to get to the directories in command prompt
My System SpecsSystem Spec
12 May 2013   #10

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

Don't attempt manual removal - use the links SiW provided
My System SpecsSystem Spec
Reply

 Question about FBI MoneyPak




Thread Tools



Similar help and support threads for2: Question about FBI MoneyPak
Thread Forum
Solved Thermal Paste Question..(Noobish Question) PC Custom Builds and Overclocking
How to get rid of MoneyPak ransomware infection System Security
Answer Question, Ask Question. Chillout Room
Solved Logitech 5.1 surround question and soundcard question IDT and Realtek Sound & Audio
question about a HDD Hardware & Devices
32 and 64 bit question Installation & Setup
XP Question Chillout Room

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:27 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33