View Full Version : Urgent, Computer blocked , FBI?




Icymudpuppy
05-24-2013, 11:41 AM
Hello, Using the wife's computer.

I was watching a video from a link of a friend and just got a notice labelled as FBI for violating some downloadable content, not specifying what.

It tells me to pay a $300 fine with Moneypak whatever the hell that is, and that a criminal charge is being started against me within 72 hours, etc.

Anybody know what this is?

Thanks

MoneyWhereMyMouthIs2
05-24-2013, 11:42 AM
Sounds like a scam to me.

Anti Federalist
05-24-2013, 11:43 AM
Malware!

Do not try to "pay" that fine, scrub your system ASAP.

CPUd
05-24-2013, 11:43 AM
It's FBI virus. Reboot in safe mode to remove.

http://botcrawl.com/how-to-remove-the-fbi-moneypak-ransomware-virus-fake-fbi-malware-removal/

JoshLowry
05-24-2013, 11:44 AM
Computer virus scam

Removal steps:
https://www.google.com/search?q=fbi+illegal+content+warning+300+moneypak

Icymudpuppy
05-24-2013, 11:44 AM
It then says that even if I pay the fine, I have 7 days to fix the violations? I don't even know what the violations are.

Red Green
05-24-2013, 11:44 AM
Hello, Using the wife's computer.

I was watching a video from a link of a friend and just got a notice labelled as FBI for violating some downloadable content, not specifying what.

It tells me to pay a $300 fine with Moneypak whatever the hell that is, and that a criminal charge is being started against me within 72 hours, etc.

Anybody know what this is?

Thanks

Send me $200 and I'll make sure no charges get filed. Don't worry, I have an 'in'. :D

Anti Federalist
05-24-2013, 11:44 AM
Sounds like a scam to me.

That is exactly what it is.

FBI does not take "MoneyPak" payments for IP violation fines.

MoneyWhereMyMouthIs2
05-24-2013, 11:44 AM
Computer virus scam

Removal steps:
https://www.google.com/search?q=fbi+illegal+content+warning+300+moneypak


Yep, calling it ransomware.

kcchiefs6465
05-24-2013, 11:47 AM
It then says that even if I pay the fine, I have 7 days to fix the violations? I don't even know what the violations are.
There are no violations.

Some random Nigerian is trying to extort money from you.

Anti Federalist
05-24-2013, 11:47 AM
LOL - I learned a new term today:

Ransomware.

Anti Federalist
05-24-2013, 11:48 AM
LOL - I learned a new term today:

Ransomware.

Icymudpuppy
05-24-2013, 11:53 AM
I can't get safe mode to open

Anti Federalist
05-24-2013, 11:53 AM
Forbes article on the subject:

http://www.forbes.com/sites/davidwismer/2013/02/06/hand-to-hand-combat-with-the-insidious-fbi-moneypak-ransomware-virus/2/

CPUd
05-24-2013, 11:56 AM
I can't get safe mode to open

Hit the F8 key on boot, immediately after the manufacturer logo and immediately before the windows logo. If you're not sure about the timing, hit it about once per second when you see the manufacturer logo.

Anti Federalist
05-24-2013, 11:56 AM
I can't get safe mode to open

These things are awful and a real bitch to remove.

You'll have to hope that you can get to "System Recovery" and that backing it up a few days will do the trick.

I've had malware embed so deep I have had to re-install the OS, once, years ago, required a re-format of the hard drive.

kcchiefs6465
05-24-2013, 12:00 PM
These things are awful and a real bitch to remove.

You'll have to hope that you can get to "System Recovery" and that backing it up a few days will do the trick.

I've had malware embed so deep I have had to re-install the OS, once, years ago, required a re-format of the hard drive.
Yeah, some of them are a real PITA.

Anti Federalist
05-24-2013, 12:00 PM
In the future, run your browser inside this program:

http://www.sandboxie.com/

Been doing this for years now, and on the rare occasions that I've picked up malware since then, shutting everything down and re-starting cleans it all out.

Prevents anything being written to the registry or boot menu.

Benefits of the Isolated Sandbox

Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.

Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.

Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.

Tod
05-24-2013, 12:01 PM
Violations, you ask? The only violation is in not having adequate anti-virus protection. I heard about the FBI virus just a week or two ago from a computer gal who said it has been causing a lot of business for her.

Icymudpuppy
05-24-2013, 12:09 PM
it won't let me do system restore in safe mode. and the ransomware is too fast to do system restore in normal mode

Icymudpuppy
05-24-2013, 12:14 PM
josh, thanks for the link. is there another way to get to system restore?

Anti Federalist
05-24-2013, 12:15 PM
Violations, you ask? The only violation is in not having adequate anti-virus protection. I heard about the FBI virus just a week or two ago from a computer gal who said it has been causing a lot of business for her.

In 2012, a major ransomware worm known as Reveton began to spread. Based on the Citadel trojan (which itself, is based on the Zeus trojan), its payload displays a warning purportedly from a law enforcement agency (leading to its nickname as the "police trojan"), claiming that the computer had been used for illegal activities; such as downloading pirated software.[23] The warning informs the user that to unlock their system, they would have to pay a fine using a voucher from an anonymous prepaid cash service such as Ukash or Paysafecard. To increase the illusion that the computer is being tracked by law enforcement, the screen also displays the computer's IP address as well, while recent versions can also purportedly show footage from a computer's webcam to give the illusion that the user is also being recorded by law enforcement.[1][24]

Variants that targeted the United Kingdom included ones branded as being from the Metropolitan Police Service, the collection society PRS for Music (which specifically accused the user of illegally downloading music), and the Police National E-Crime Unit.[25][26] In a statement warning the public about the malware, the Metropolitan Police clarified that they would never lock a computer in such a way as part of an investigation.[1][10]

Reveton initially began spreading in various European countries in early 2012.[1] In May 2012, Trend Micro threat researchers discovered templates for variations for the United States and Canada, suggesting that its authors may have been planning to target users in North America.[27] By August 2012, a new variant of Reveton began to spread in the United States, claiming to require the payment of a $200 fine to the FBI using a MoneyPak card.[24][2]

CCTelander
05-24-2013, 12:17 PM
A buddy of mine got hit with this puppy just a couple of weeks ago. It was a real bitch to get rid of.

He had to download a program called Hit Man Pro onto a flash drive, then boot the infected computer from the flash drive to run it. Took him a whole day plus to get rid of the damned thing.

A 30 day free trial of Hit Man Pro can be downloaded from download.com. He got the procedure from a Microsoft answer page. Just search for "money pak virus."

Hope this helps.

CPUd
05-24-2013, 12:17 PM
it won't let me do system restore in safe mode. and the ransomware is too fast to do system restore in normal mode


When in safe mode, go to add/remove programs and remove anything that doesn't belong. Also go to Administrative tools/services and disable anything out of the ordinary in there. If you are not sure, you can usually do a search for the name of the service, or the process name and find what it is.

When you boot back into normal mode, it will still be on there, but neutered enough for you to do a system restore.

Anti Federalist
05-24-2013, 12:29 PM
A buddy of mine got hit with this puppy just a couple of weeks ago. It was a real bitch to get rid of.

He had to download a program called Hit Man Pro onto a flash drive, then boot the infected computer from the flash drive to run it. Took him a whole day plus to get rid of the damned thing.

A 30 day free trial of Hit Man Pro can be downloaded from download.com. He got the procedure from a Microsoft answer page. Just search for "money pak virus."

Hope this helps.

I've used HMP myself...good stuff:

CNET Editors' review

by: CNET staff on September 11, 2012

Even if you run reliable antivirus software -- and you do, don't you? -- it's never a bad idea to have a supplemental program that can pick up malware that your regular antivirus application might miss. HitmanPro 3 (32-bit) is an easy-to-use program that can quickly scan for and remove a variety of nasty things that might be lurking on your computer.

HitmanPro 3 has an intuitive interface that makes it easy to get started. If you're ready to plow ahead with the default scan, just click Next. If you'd like to do some customizing, the Settings button will take you to a variety of menus that let you control how the program operates. Users can set HitmanPro 3 to run a scan at startup or on a particular day of the week, and there are also options for configuring a proxy. The Early Warning Scoring feature lets security professionals detect possible threats based on suspicious software behavior. We chose to run HitmanPro3 with the default settings and chose the default scan, as opposed to the quick scan option. The program took a little less than 3 minutes to scan our system, detecting 13 cookies and one piece of adware. We then had the option to delete each of these individually or get rid of all of them with the click of a button. The program keeps a log of potentially harmful items that it finds, making it easy to keep track of what you've been infected with. HitmanPro 3 has no Help file, and seems to assume that users will either take advantage of its basic features and leave it at that, or that they're experts who already know how to use the more-advanced features. Either way, we think that HitmanPro3 is a simple and powerful tool for keeping your system squeaky clean, and we recommend it.

HitmanPro 3 installs and uninstalls without issues.


http://download.cnet.com/HitmanPro-3-32-bit/3000-2239_4-10895604.html#ixzz2UEh4j2mK

Icymudpuppy
05-24-2013, 12:30 PM
When in safe mode, go to add/remove programs and remove anything that doesn't belong. Also go to Administrative tools/services and disable anything out of the ordinary in there. If you are not sure, you can usually do a search for the name of the service, or the process name and find what it is.

When you boot back into normal mode, it will still be on there, but neutered enough for you to do a system restore.

what's "out of the ordinary?"

Natural Citizen
05-24-2013, 12:33 PM
These things are awful and a real bitch to remove.

You'll have to hope that you can get to "System Recovery" and that backing it up a few days will do the trick.

I've had malware embed so deep I have had to re-install the OS, once, years ago, required a re-format of the hard drive.

Is good practice to reformat about every 6 months.

TheGrinch
05-24-2013, 12:35 PM
This is why it's always good to have a second hard drive and backup of your data. When this happens now I don't even bother to deal with anti-virus programs, just reinstall the OS which reformats (clears) the hard drive. Then just reinstall your applications and it's good as new.

CPUd
05-24-2013, 12:35 PM
what's "out of the ordinary?"

Depends on which OS version, but for this purpose, you can disable all services/processes that are not required by Windows to be running. Even with Windows 7, there are only a handful:



Explorer.exe - This is the Windows Explorer process. Every window you open in Windows, such as My Documents, depends on Windows Explorer. Closing this process will reduce functionality and prevent your ability to open files and folders on your computer.

Services.exe - This process is vital to Windows 7. It controls how Windows 7 boots, stops and interacts with other processes and services. Stopping this process will shut down Windows 7.

Spoolsv.exe - Though not necessarily required, most users have some type of printer installed. Even if you print to PDF or Microsoft XPS, Windows 7 sees this as a printer. In order to print, you must have spoolsv.exe running.

Svchost.exe - This is the Windows Service Host application process. In order for Windows files to run correctly, this process must be running. Whenever an application requires a system file, you will see the svchost.exe process. The more files you run at once, the more likely you are to see multiple svchost.exe processes. Some other applications result in this process, but it's difficult to tell which belong to Windows and which belong to other applications.

System - This process is also called the System Idle Process. This process totals the time the processor is not in use, which is necessary to determine if there is enough processor and memory for other processes and applications. You cannot run programs or processes once this process is stopped.

Taskmgr.exe - This is another non-essential process, but it is required in order to view running processes. If you close this process, you will not be able to view or manage running processes until you open it again.

Winlogon.exe - If your Windows 7 system requires a logon, you must have winlogon.exe running. This controls the log in process. Without it, you will be locked out of your system until you perform a restart.


Note: There are a couple others related to system restore that you don't want to disable. (Volume Shadow Copy or Volume Shadow Services)

Warrior_of_Freedom
05-24-2013, 12:39 PM
you'll know if you're in trouble with the fbi if you hear banging on your door at 3am

Anti Federalist
05-24-2013, 12:40 PM
This is why it's always good to have a second hard drive and backup of your data. When this happens now I don't even bother to deal with anti-virus programs, just reinstall the OS which reformats (clears) the hard drive. Then just reinstall your applications and it's good as new.

Easiest solution.

Try this as well.

I've been using it for years, very happy with it.

http://www.sandboxie.com/

Icymudpuppy
05-24-2013, 12:40 PM
Depends on which OS version, but for this purpose, you can disable all services/processes that are not required by Windows to be running. Even with Windows 7, there are only a handful:



Note: There are a couple others related to system restore that you don't want to disable.

I'm still using XP

Anti Federalist
05-24-2013, 12:41 PM
you'll know if you're in trouble with the fbi if you hear banging on your door at 3am

LOL

In this case, he has nothing to worry about...other than some crooks in Trashcanistan.

CPUd
05-24-2013, 12:45 PM
I'm still using XP

Check this page:

http://www.theeldergeek.com/services_compiled.htm

Icymudpuppy
05-24-2013, 01:54 PM
Screw it. I took it down to my local computer shop. $150 and next Tuesday.

Warlord
05-24-2013, 01:57 PM
Does buying a Mac inoculate you against viruses?

opal
05-24-2013, 01:59 PM
I'm still using XP

Man do I miss XP!

To avoid this crap in the future.. get more than one auto updating anti malware programs.. some are free even
I use
wizecare 365, advanced system care and avast - running at all times and once a week I use their cleaning processes and cCleaner to get the other crap that just happens.

I do defrags after large graphics files get deleted too

still missing the search for all files and folders created today feature on XP - that was great for nabbing all sorts of garbage

pcosmar
05-24-2013, 02:03 PM
It tells me to pay a $300 fine with Moneypak whatever the hell that is, and that a criminal charge is being started against me within 72 hours, etc.

Anybody know what this is?

Thanks

A scam. Malware. (virus)
http://www.forbes.com/sites/davidwismer/2013/02/06/hand-to-hand-combat-with-the-insidious-fbi-moneypak-ransomware-virus/

http://b-i.forbesimg.com/davidwismer/files/2013/05/New-FBI-Moneypak12.png

DamianTV
05-24-2013, 02:05 PM
Does buying a Mac inoculate you against viruses?

... ain't no worms in my Apple ...

That used to be true because Apple products were not nearly as common as Windows with all of its Security Holes *ahem* "Features". But now that Apple has become much more popular, exploits are being found at a much higher rate, which results in the existence of Malware specific to Apples.

In general, for Windows based systems, I'd recommend people learn to check their Task Manager and look at ALL processes that are running. When a person has a system that runs normally, they need to know what that looks like. It provides a Baseline for comparison to when it is not running normally. If malware is running on a computer, it will show up in the Processes List most of the time. Many malware programs can simply be killed in the Task Manager, and the malicious files removed. Doesn't always work as some malware will prevent the task manager from opening up.
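
The baseline comparison described in the post above, as an added example that is not part of the thread: it parses two saved `tasklist /FO CSV` listings and reports image names absent from the known-good baseline, noting any that are within two character edits of a baseline name. Both listings and the names `svch0st.exe` and `updater_7f3a.exe` are constructed sample data, and the function names are hypothetical.

```python
import csv
import io

# Constructed sample: listing saved while the machine was known to be clean.
BASELINE_CSV = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Console","0","28 K"
"System","4","Console","0","236 K"
"winlogon.exe","620","Console","0","3,412 K"
"services.exe","664","Console","0","3,304 K"
"svchost.exe","832","Console","0","4,620 K"
"svchost.exe","900","Console","0","18,224 K"
"spoolsv.exe","1320","Console","0","4,968 K"
"explorer.exe","1580","Console","0","21,340 K"
'''

# Constructed sample: listing taken later, with two unfamiliar entries.
CURRENT_CSV = BASELINE_CSV + '''"svch0st.exe","2104","Console","0","9,880 K"
"updater_7f3a.exe","2216","Console","0","12,052 K"
'''


def image_names(tasklist_csv):
    """Return {lowercased image name: instance count} for a CSV listing."""
    counts = {}
    for row in csv.reader(io.StringIO(tasklist_csv.strip())):
        if not row or row[0] == "Image Name":  # skip blank lines and the header
            continue
        name = row[0].strip().lower()
        counts[name] = counts.get(name, 0) + 1
    return counts


def edit_distance(a, b):
    """Levenshtein distance, used to spot names that imitate a baseline name."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def compare(baseline_csv, current_csv, max_distance=2):
    """Return [(new_name, lookalike_or_None)] for names missing from the baseline."""
    base = image_names(baseline_csv)
    cur = image_names(current_csv)
    findings = []
    for name in sorted(set(cur) - set(base)):
        lookalike = next((b for b in sorted(base)
                          if edit_distance(name, b) <= max_distance), None)
        findings.append((name, lookalike))
    return findings


if __name__ == "__main__":
    for name, lookalike in compare(BASELINE_CSV, CURRENT_CSV):
        note = f" (resembles baseline process {lookalike})" if lookalike else ""
        print(f"not in baseline: {name}{note}")
```

A name-only comparison cannot tell a genuine `svchost.exe` from a file with the same name running from a different folder, so a clean result here is a starting point for review rather than proof the system is clean.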

pcosmar
05-24-2013, 02:07 PM
I'm still using XP

Your choice,, but I would quit using windoze.
I did in fact. At least for everything but a game, and that is the ONLY thing that it does.

Linux for everything else. And there is choice in flavors.
my flavor of choice, http://www.pclinuxos.com/

Icymudpuppy
05-24-2013, 02:23 PM
Quickbooks doesn't run on Linux.

seraphson
05-24-2013, 02:33 PM
Screw it. I took it down to my local computer shop. $150 and next Tuesday.


Noooo!

Sorry but I wish I saw this sooner. I've removed this virus. The easy safe-mode version and the haha no safe mode for you version.

Maybe you can get it back but it's actually super easy to get off if you have a bit of patience.

Navigate here and download then burn the rescue disk to a dvd or a flash drive. If going the DVD/CD route I prefer imgburn (http://www.imgburn.com/?act=download) for burning ISOs. Instructions on how to do so are on the same page:
http://support.kaspersky.com/us/faq/?qid=208282173

Hookup the computer via network cable if not already. Boot the disk and continue through the prompts and eventually the Kaspersky 'desktop' will appear. First thing that pops up is the scanner. Update it (may take a long time) and then run a full scan on all drives (may take a very long time i.e. 3+ hours). Remove all detections found, reboot, get and run malwarebytes, hitmanpro, tdsskiller, and roguekiller just to be safe. Ccleaner wouldn't hurt either before running any of the post scans.

DamianTV
05-24-2013, 02:33 PM
Linux VS Windows

http://www.youtube.com/watch?feature=player_detailpage&v=7G7TJyZPKPo

(pre Windows 8)

---

Top 5 Ways to Help Linux Virgins Make the Switch

http://www.youtube.com/watch?feature=player_detailpage&v=49yPxmB98hI

Pop that cherry!

Warrior_of_Freedom
05-24-2013, 02:34 PM
Nooo never take it to a computer shop, they will examine your hard drive and report anything suspicious to the police.

pcosmar
05-24-2013, 02:48 PM
Quickbooks doesn't run on Linux.

There are several Money management,,Banking, programs that do..
Viruses don't run on Linux (unless you deliberately run one)

Oh, and people have had mixed success running Quickbooks under WINE. (ie, it can be done)

edit..
Apparently, Quickbooks does run on linux. And is supported. (from the Quickbooks Support site)
http://dataservices.intuit.com/support/Articles/HOW12295


Installing the Linux Database Server Manager



Important: The following information is intended for a system administrator who is familiar with the Linux operating system, understands network operations, and has permissions to properly install and configure the QuickBooks Enterprise Solutions Linux Database Server Manager.

Before installing the Linux Database Server Manager on your Linux server, please read,,,,,

WM_in_MO
05-24-2013, 03:25 PM
Nooo never take it to a computer shop, they will examine your hard drive and report anything suspicious to the police.
We most certainly will not.

Plague-of-Locutus
05-24-2013, 03:35 PM
I just dealt with the "no-safe mode" version of this pain in the ass. My father in law keeps getting reinfected.


System restore to a pre infected date was the only option. I had him create a system repair disc after he was back up and running so he can repeat the process as needed without having to mash keys in between boot screens.

Warlord
05-24-2013, 04:08 PM
I am considering a Macbook pro from the market in Pakistan (real but of dubious chain of custody)... would anyone advise Warlord against it? I've used PCs pretty much forever so i'd be a complete newb.

I simply hate the idea of Windows 8 and refuse to upgrade or endorse this product considering how they've destroyed it.

Icymudpuppy
05-24-2013, 04:11 PM
There are several Money management,,Banking, programs that do..
Viruses don't run on Linux (unless you deliberately run one)

Oh, and people have had mixed success running Quickbooks under WINE. (ie, it can be done)

edit..
Apparently, Quickbooks does run on linux. And is supported. (from the Quickbooks Support site)
http://dataservices.intuit.com/support/Articles/HOW12295

Installing the Linux Database Server Manager



Important: The following information is intended for a system administrator who is familiar with the Linux operating system, understands network operations, and has permissions to properly install and configure the QuickBooks Enterprise Solutions Linux Database Server Manager.

Before installing the Linux Database Server Manager on your Linux server, please read,,,,,

I see, you need to be familiar with Linux, and be a qualified system admin to get it to work. Like I said, Quickbooks doesn't run on Linux. I am a user, I have zero computer programming knowledge or skills. Running Linux at all requires more computer knowledge than I have. It is not a system for casual computer operators. It's kind of like a manual transmission in your truck. If you know how to drive a manual, you know that you can get better performance and economy and longevity out of a manual than an automatic. However, if you aren't coordinated enough to operate a manual, or don't have time to learn, you just have to go with the Automatic which is more common and easier to operate.

dannno
05-24-2013, 04:22 PM
I am considering a Macbook pro from the market in Pakistan (real but of dubious chain of custody)... would anyone advise Warlord against it? I've used PCs pretty much forever so i'd be a complete newb.

I simply hate the idea of Windows 8 and refuse to upgrade or endorse this product considering how they've destroyed it.

Ubuntu (Linux) is REALLY easy to setup and if you have any issues a quick google search and some really basic command line entries will usually fix your problem.

That will cut the cost of your computer hardware down by about 1/3. Plus all of the software is free. Open Office, Gimp (photo editing), Netflix Desktop, Firefox or Chrome and hundreds of other very useful programs including video editing, audio editing.. and you can even run a program called VirtualBox and get a Windows or Mac session installed and up if you really need a windows or mac program.

Plenty of games work great on linux, it's just not the best if there is a specific or newer game that you are wanting to play that isn't supported. You can run STEAM on linux.

Also linux users don't really have issues with viruses or malware as you have to have root access to install stuff and it's generally not targeted for that stuff.

pcosmar
05-24-2013, 04:22 PM
I am a user, I have zero computer programming knowledge or skills. Running Linux at all requires more computer knowledge than I have. It is not a system for casual computer operators.

That is me. I did not even own a computer till 2003. I had avoided them completely.
I started with linux in 2004 after a few virus and crashing issues running XP. I knew little about computers and nothing about linux.

But I can read. ;)
Now I am the "system Administrator " for me,, my Wife,, my Mom. the "kids".

torchbearer
05-24-2013, 04:33 PM
fbi moneypak fakeware?

dannno
05-24-2013, 04:39 PM
I see, you need to be familiar with Linux, and be a qualified system admin to get it to work. Like I said, Quickbooks doesn't run on Linux. I am a user, I have zero computer programming knowledge or skills. Running Linux at all requires more computer knowledge than I have. It is not a system for casual computer operators. It's kind of like a manual transmission in your truck. If you know how to drive a manual, you know that you can get better performance and economy and longevity out of a manual than an automatic. However, if you aren't coordinated enough to operate a manual, or don't have time to learn, you just have to go with the Automatic which is more common and easier to operate.

Dude, there's like 4 command line entries and a couple of links to visit.. It just takes a little bit of patience, but honestly it isn't that hard to setup and use linux if you know how to google.

My dad is very old and only uses the computer for email, word processing and occasional internet website. He downloaded some malware I couldn't get rid of quite a few years ago and since I only visit a few times a year, I can't be there to fix his computer all the time.. so I installed linux on his system and it has been about 5 years on a 6 or 7 year old system that cost less than $400 and I have barely had to touch his computer since. I think I installed a fax machine/printer on there for him one time and that's about it. He has a link to his email, word processing and internet on his desktop and that's all he needs and he never installs the updates and everything works great for him.

I'm always installing updates, installing new versions of new types of software so I have to be a little more on top of my game, but it's not that bad. I can't imagine going back to windows.

Ubuntu makes setting up linux on your system really easy.

One Man Wolf Pack
05-24-2013, 05:06 PM
1- Clean install of OS
2- Install your programs
3- Turn off system recovery (viruses hide there all the time)
4- Set up a second HDD for all your data, pictures, documents, etc.
5- Do complete backup of drive with OS/Programs to USB drive
6- AVG...its free and it works
7- Stay off of porn or torrent sites...or at least know the safe ones :)

In the event of an infection that you cannot remove (which should no longer happen now) just reboot from your system backup USB and you are right back where you left off...minus the virus of course.

torchbearer
05-24-2013, 05:12 PM
(this works for windows 2000,xp,vista, 7)
use system restore regularly. or set it up to do a daily. (most computers are setup to do this automatically, it is on by default and creates a restore point during certain activities automatically)
when something goes wrong on your system. anything-
just reboot your computer, and before the windows boot screen appears- as in right before it in the boot sequence- press 'F8' key.
a menu of many options appear (if the menu does not appear you didn't hit the sweet spot- think of it as a game... will you find the cheese?)
choose to boot to 'safe mode with command prompt'
once you are at the command prompt- (you will be at c:\windows\system32 by default)
type:
cd restore

and then type:
rstrui.exe

once the restore program comes up, choose a date prior to the screw up and click the next, next, ok, yeh, ok. buttons that come up from there.
when your computer reboots, it will be turned back in time to a place where everything was better.
almost like time travel.


note: system restore only affects system files and program installations, so all of your saved documents/pics/music/vids etc are not affected by the roll back.
installed programs and system files are rolled back.


further note: if you are rolling back because of malware/virus, you will need to do a Malware Scan of your computer. erase all your system restores. (this is done easily by turning off the service and turning it back on- i can provide such lessons if needed)
sometimes a virus can put itself in restore backups or actually get backed up as a system file.
system restore saves me tons of scan time(i fix people's computers as part of my living) when people bring in computers that are hijacked/infected.
the command prompt ensures a higher rate of success, though system restore could be implemented from other locations as well.