Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Get rid of FBI Money Pak Ransomware


  • Please log in to reply
4 replies to this topic

#1 AMV814

AMV814

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 12 November 2013 - 11:03 AM

Hello my name is AMV814,

 

Last night around 10 P.M. I encountered, what I beleive to be, FBI Money Pak Ransomware. My new tumblr account appeared on the screen, with out having logged on. It prompted me at the top of the screen to confirm my e-mail address. I clicked with out thinking. The screen changed to FBI Cyber Crime Division. It stated:

 

IP:99.141.250.121

Location: US, United States, Illinois, Glen Ellyn

ISP: AT&T Internet Services

User Name: ****

 

You have been viewing or distributing prohibited Pornographic content (Child Porn/Zoophilia and etc). Thus violating article 2, Section 1, Clause 2 of the Criminal Code of United States of America. Article 2, Section 1, Clause 2 of the Criminal Code provides for a deprivation of liberty for 4 to 12 years.

 

It states further:

 

To unblock the computer, you must pay the fine through MoneyPak or MoneyGram xpress Packet of $300

 

Afterward It began a count down stating that I have 72 hours to pay the fine from that moment. Since I do not live in Glen Ellyn I stared at my lap top screen for a few moments then turned it off in denial of the whole affair. So this morning I restarted it and logged into my user name (I am the only user of my lap top). Turning my laptop back on the same information appears. I can not access anything on my laptop other than to scroll through the Ransomeware terms. The count down is still going. At this time I have 60:33:00 to pay this fine.

 

My Laptop is a Toshiba Satellite A665-S6098, windows 7, intel i7core. I do not have anti-virus software on my computer at this time.

 

This is my first laptop and I would like to have it fixed. Which places fix laptops with this kind of issue and roughly how much might that cost a college art major? Is this an issue easily resolved by oneself by buying a product such as HitmanPro? Lastly should I be concerned about reaching the end of the count down?

 

Thank you for taking the time to look at this. Please let me know if you need any other information.

 

AMV814

 

 



BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,071 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:18 PM

Posted 12 November 2013 - 12:35 PM

Hi AMV814,

 

Try the BleepingComputer guide here, and tell me how you get on:

 

http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 AMV814

AMV814
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 13 November 2013 - 02:23 AM

xXToffeeXx,

 

Thank you for responding to message so quickly. I was able to follow the directions easily up until I reached step 10. Widows started, and I was able to login normal. I saw the screen locker for the ransomware and waited five minutes to see if the HitmanPro window would appear on top of the screen. Unfortunately it did not appear. I then repeated steps 1-10 with similar results. The Randsomware screen locker has not changed.

 

I am wondering if this problem relates to having used the HitmanPro.exe (for 32-bit versions of Windows) instead of HitmanPro_x64.exe (for 64-bit versions of windows). Will changing the bit version of Windows fix this? Do I need to find a computer with 64-bit windows all ready installed to down load HitmanPro_x64.exe (for 64-bit versions of windows) for my infected lap top? Thank you for the help you have given. Any further help concerning this matter would be awesome.

 

Thank you,

AMV814



#4 AMV814

AMV814
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 13 November 2013 - 03:29 AM

xXToffeeXx,

 

I reread through my instructions and tried again. It worked! Thank you for supplying me with the tools I needed to remove the infection and learn about how to better protect my laptop from future infections.

 

Thank you,

AMV814



#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,071 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:18 PM

Posted 13 November 2013 - 01:51 PM

Hi AMV814,

 

Glad to hear it worked, sometimes you need to try a few times to get HitmanPro to work. This is quite a good topic to keeping a computer clean and is written by site founder and admin, Lawrence Abrams. It's worth a look, and it's good to follow those tips.

 

Anything else I can help with?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users