There is a virus infection, known as the FBI or DOJ or ICE or CIA Moneypak ransomware, that targets computer users in the United States. The ransomware infection will claim that your computer was involved in viewing child pornography and then demands payment of a $100 or more ‘fine’ to be sent via MoneyPack (a temporary debt card). The fact that a criminal charge, as serious as child pornography would be dismissed with a mere $100 fine is laughable. There is a reason for this, the ransomware is not really from any government agency. Rather, this message is actually part of a common malware scam.
The ransomware scam will use a Winlocker, that is, a malware infection that locks down Windows, preventing you from using the infected computer. The ransomware message will claim that the a government agency has blocked your computer because of the supposed criminal activities mentioned above and threatens to prosecute and block your access to your computer permanently unless you send them money through MoneyPack. It goes on to say that you only have 72 hours to pay before they initiate legal proceedings that could lead to huge fines and possible jail time.
This intrusive message blocks the whole screen and resembles an Internet Explorer window. The ransomware message is caused by a Trojan infection that also blocks access to the Windows Task Manager, Command Prompt, Desktop and other components that could potentially help you bypass this intrusive message. Fortunately, the ransomware scam and has no relationship with any government agency.
A rootkit is an application (or set of applications), that hides its presence or presence of another application (virus, spyware, etc.) on the computer, using some of the lower layers of the operating system (API function redirection, using undocumented OS functions, etc.), which makes them almost undetectable by common anti-malware software. Please note that rootkits can be either legitimate or malicious.
Legitimate rootkits may be installed as a part of a beneficial application. Because of that, it is necessary to pay close attention to the Anti-Rootkit results. A rootkit can get to a computer using various methods. The most common way is through some Trojan horse or some suspicious email attachment. Also, surfing the web may result in the installation of a rootkit, for example when “special” plugin (pretending to be legitimate) is needed to correctly view some webpage, to launch some file, etc.
Experts suggest a complete rebuild of a system compromised by a rootkit or suspected of being compromised by a rootkit. The reason is, even if you detect files or processes associated with the rootkit, it is difficult to be 100% sure that you have in fact removed every piece of the rootkit. Peace of mind can be found by completely erasing the system and starting over.
Inoculate helps eliminate computer damage and downtime by making computer configurations indestructible. Once Inoculate is installed on a computer, any changes made to the computer — if it is accidental or malicious are never permanent. Inoculate provides immediate immunity from many of the problems that plague computers today including, but not limited to viruses, spyware, inevitable configuration drift, accidental system misconfiguration, malicious software activity, and incidental system degradation.