Ransom Ware

I was working on a computer the other day that had the money pack virus. The Moneypak virus is relentless . The worse problem I have ever seen It will hold your computer hostage, requiring you to buy  a Moneypak, which is  card that you pick-up at most retail stores, that you load  at the Cashier. These are found at  Wal-greens, K-mart, Cvs Pharmacy, or your local 7-Eleven.Moneypak 4 (2)

This particular one is asking that you pay 300.00 dollars.  Once the computer has been  infected the user has 48 hours. This is not from any Federal Government Agency, such as ICE(Immigration Customs Enforcement)), FBI(Federal Bureau of Investigation) So, how do you get rid of this thing.

There are some websites that offer different ways to  get rid of this Virus and we will go through each one. The first one is to download Malware Bytes. Since, it is next to impossible to do this. i recommend you have malware Bytes on your computer, before your need it. you can download Malware Bytes at the Website: http://www.malwarebytes.com. After the download, uncheck Trial version Pro and leave the other two boxes checked.

After updating, you will want to run the program in Safe Mode with networking. Each computer is different, Most will boot into safe Mode with the F-8 key. To do this you will want to restart the computer, hold down the F-8 key, this will present you with a black screen, which will then shift to a line of text, eventually you will see the usual Windows log-on screen, make sure you use the Administrator account.

Run Malware Bytes, when it  is complete, it will show what it found. If you right-click on one of the boxes, you can have all the boxes checked or UN-checked. Comes in handy when you have a lot of Malware detected.

There are some programs that you can use Kapersky has a rescue disk, that you can download, then burn to a CD, to use in an emergency. Avg also have a rescue disk that you can download.  I recommend you do this before you need it. Below is a link on Ransom ware and some remedies.

http://malwaretips.com/blogs/fbi-moneypak-virus/#kaspersky

Below is a  link for each.

Kaspersky Rescue disk

once you get to the site, look for the link for Download Kaspersky Rescue disc iso image and click here. obviously you will have to download this onto another computer, then burn onto a cd/dvd once finished. pop disk into computer, restart computer and boot from cd.

http://support.kaspersky.com/viruses/rescuedisk#downloads

AVG Rescue disk

http://www.avg.com/us-en/download.prd-arl

Whichever you use, place the disk inside the CD-ROM tray, then restart the computer and follow the prompts.

For the Avg rescue disk, a screen will seem to count off, to re-boot, go ahead and allow the system to reboot, then except the agreement.

While working on this computer, Safe-mode could not be accessed using the F-8 key, nor was there a way to get into Safe-Mode during this process

The rescue disk was found later, and  was not used at this point.

In order for me to fix this problem, I was unable to get into the system, therefore, resorted to removing  the hard drive,  connecting it to another computer and running MalwareBytes. using a Sata Ide hard drive adapter, that I had purchased through Wal-Mart. There is a link below on this

https://infotechcomputing.wordpress.com/category/sabrent/

After connecting the hard drive to another computer,  I was able to run in Safe-mode with Networking, then using the Administrator Account ran MalwareBytes getting rid of this Virus.

The owner didn’t have an anti-virus on his computer, and he had clicked on a Pop-up.

Make sure by all means you install an Anti-Virus on your computer. Very Important. We have a link for free Anti-virus, just go to the home page and click on Free Anti-Virus. Below is a link

https://infotechcomputing.wordpress.com/

Remember Put GOD First in everything you do.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s